Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Juejin Automation (掘金自动化)

v1.1.0

Automated operations on the Juejin platform. Supports publishing pins (沸点), querying the topic list, and related functions.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Suspicious
OpenClaw
Suspicious
medium confidence
Purpose & Capability (flagged)
The SKILL.md and publish_pin.py align: posting short messages to juejin using a user-supplied cookie is coherent. However, scripts/publish_to_evomap.py contains logic to publish metadata to an external service (evomap.ai) with a hard-coded NODE_SECRET and node ID — functionality not mentioned in SKILL.md. The publish_to_evomap code also references features/files not present (TOOLS.md, checkin.py) and describes broader capabilities (check-in and lottery, 签到、抽奖) not implemented in the included files. The SKILL.md metadata declares curl as a required binary, but the code only uses python3, so that requirement is unnecessary.
Instruction Scope (flagged)
The runtime instructions in SKILL.md focus solely on running scripts/publish_pin.py with a --cookie argument, which is expected. But the repository contains publish_to_evomap.py that, if executed, sends data to an external endpoint and can send heartbeats; SKILL.md does not instruct or warn users about this. SKILL.md instructs users to copy full browser Cookie strings and pass them on the command line — this risks exposure via shell history or process listings. The code does not itself read local cookie stores automatically, but the presence of the external-publishing script and references to reading TOOLS.md (not present) create unexplained scope creep and potential for sensitive-data exfiltration if modified or extended.
Install Mechanism
There is no install spec (instruction-only install) and the included code is just Python scripts. That limits automatic disk writes or arbitrary downloads. This is the lower-risk install pattern.
Credentials (flagged)
The skill declares no required environment variables, which matches the main publish script. However, publish_to_evomap.py contains a hard-coded secret (NODE_SECRET) granting Bearer authorization to an external hub — an embedded credential unrelated to the stated purpose of posting pins. The SKILL.md metadata lists curl as required though code does not use it. The skill's internal 'strategy' text references reading TOOLS.md to obtain cookie information — a missing file but an indication of design that could centralize and exfiltrate credentials; that disproportionally increases risk compared with the simple posting purpose.
Persistence & Privilege
The skill does not request always: true and does not modify system or other-skills configuration. The only persistence-like behavior is that publish_to_evomap.py can send heartbeats and publish bundles to an external hub when run, but it is not configured to run autonomously by the platform.
What to consider before installing
This skill's main script (publish_pin.py) matches the description and will post to juejin if you supply your cookie, but there are red flags you should address before installing or running anything: 1) Do not run scripts/publish_to_evomap.py unless you understand and trust the external service (evomap.ai). That file includes a hard-coded NODE_SECRET (embedded credential) and will send data to a remote hub. 2) The SKILL.md mentions other files (TOOLS.md, checkin.py) that are missing — ask the publisher which files are required and why. 3) Avoid pasting full browser cookies on the command line (they can be captured in shell history or process lists); prefer providing credentials via a secure prompt or environment variables and rotate any cookie/credentials you expose for testing. 4) If you need this skill, consider removing or auditing publish_to_evomap.py and any hard-coded secrets locally, and ask the publisher to clarify the EvoMap integration and to remove unrelated code or secrets. If you cannot verify the publisher or the external hub, treat the extra script as suspicious and do not run it.

Like a lobster shell, security has layers — review code before you run it.



Runtime requirements

Clawdis
Bins: python3, curl
