Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Treasury Scenarios
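v1.0.0
Provides lookups of core business scenarios for the Postal Savings Bank treasury system, returning the business flow, interface combination, and corresponding ASCII flowchart; supports fuzzy keyword matching.
by lbj@lbj-bnu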
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (treasury scenario lookups) align with the included scenarios.json and interfaces.json. However SKILL.md's declared file structure mentions handler.py and an assets/ directory which are not present in the package manifest — that mismatch suggests either missing files or inaccurate documentation.
Instruction Scope
SKILL.md describes keyword triggers and returning flows, interface lists, and ASCII/mermaid diagrams. The instructions do not tell the agent to read system files, access unexpected environment variables, or exfiltrate data; they appear scoped to searching the included JSON data and formatting output.
Install Mechanism
This is an instruction-only skill with no install specification and no binaries to fetch — lowest-risk install mechanism. Nothing in the package.json or SKILL.md attempts to pull remote code.
Credentials
The skill declares no required environment variables, credentials, or config paths. The scenario/interface data contain fields like Base64 file content and a token-returning interface (601383) which are legitimate domain data but do not, by themselves, require credentials from the host.
Persistence & Privilege
Flags are default (not always:true). The skill does not request persistent/system-wide privileges. Autonomous invocation is allowed by platform default and is not by itself a concern here.
What to consider before installing
This skill appears to be a packaged reference for treasury interfaces and workflows and does not request credentials or install code. However:
1) SKILL.md claims handler.py and assets/ that are not included — ask the publisher why code is missing or whether the skill is intentionally read-only.
2) Source/homepage are unknown and the owner ID is opaque; prefer skills from known, verifiable authors for banking-related content.
3) Although the package itself doesn't exfiltrate secrets, interfaces.json includes an endpoint that returns login links/tokens — ensure the agent is not authorized to call production banking APIs and do not supply any bank credentials.
4) If you plan to use this skill in production or allow autonomous invocation, request the full source (handler code) and a publisher identity, and review any network calls the skill would make before enabling it.
Like a lobster shell, security has layers — review code before you run it.
