Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
mocklab
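v1.1.1
Third-party API mock server. Use this skill when the user needs to integrate with a third-party API but the other party's test environment is not ready, or wants to debug an interface without depending on the real gateway. Supports API documentation in any format (Markdown, Word, Java source code, plain text, etc.) and any structure (tables, nested JSON, encrypted fields, arrays of objects, etc.). The model automatically understands the documentation and drives the whole process: parse the documentation →...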
by Lancer Lin @lancer07
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (AI-driven local mock server) aligns with included files (mock_server.py, UI, README, SKILL.md). However SKILL/README claim dependencies (FastAPI/Uvicorn) will be installed automatically while no install spec is present in the registry metadata — an operational inconsistency. Also the docs state the LLM will 'generate project_name' and the server will write schema_store/{project_name}.json; delegating filename creation to the model without explicit sanitization is a design choice that can be risky.
Instruction Scope
SKILL.md instructs the agent to obtain documents via three user-supplied paths: local file path (Read tool), URL (web_fetch), or pasted content — all sensible for building schemas. This is within scope, but Read/web_fetch give the agent the ability to read arbitrary local files or fetch arbitrary URLs depending on user input; the skill relies on the model to parse and create schemas (the code doesn't appear to implement 'AI parsing'), so the agent will be interacting with local filesystem and external URLs under user-supplied inputs. Recommend caution when supplying sensitive file paths or untrusted URLs.
Install Mechanism
No install spec is present despite README claiming FastAPI/Uvicorn will be installed automatically. The skill is instruction+code only; if dependencies aren't installed by the platform, users must install them manually. This mismatch is an operational/integrity concern (not necessarily malicious) — verify how dependencies are provisioned by your environment before running.
Credentials
The skill declares no required environment variables, no external credentials, and no config paths. That matches the stated purpose of a local mock server.
Persistence & Privilege
The server persists state to files within the skill directory (schema_store/ and state_store.json) which is expected. However, SKILL.md and the run command rely on a model-generated project_name used directly as a filename/path (schema_store/{project_name}.json) and passed to the server. If project_name is not validated/sanitized by the server, a malicious or malformed project_name could trigger path traversal or overwrite files outside the intended directory. The code writes state files locally (normal), but verify project name sanitization and file path handling before use.
What to consider before installing
This skill is generally coherent for running a local mock API server, but take these precautions before installing/running:
- Inspect mock_server.py for input sanitization: ensure the server sanitizes the project name (no ../, absolute paths, or special characters) to avoid path traversal or overwriting files outside the skill directory.
- Verify dependency installation: README claims FastAPI/Uvicorn are auto-installed but the registry shows no install spec — confirm how your environment will install Python packages, or install dependencies from trusted sources first.
- Run in an isolated environment (VM/container) initially to limit any accidental file writes or exposures.
- Be cautious when supplying local file paths or URLs for the AI parser: only provide API-doc files you trust and avoid pointing the skill at system files or secrets.
- Review the rest of mock_server.py (the truncated portion) for any outbound network calls, exec/eval or subprocess usage before running on a host with sensitive data.
If you want, I can scan the remainder of mock_server.py for path handling and any network/exfiltration code (provide the full file or let me continue the file review).
Like a lobster shell, security has layers — review code before you run it.
