v1.0.0

Baidupan

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 8:33 AM.

Analysis

This looks like a straightforward Baidu Netdisk wrapper, but it requires Baidu authorization and can upload, download, or sync files you choose.

Guidance: Before installing or using this skill, make sure you trust the bypy dependency, authorize only the Baidu account you intend to use, protect the ~/.bypy/ token directory, and confirm local/remote paths before upload, download, sync, or overwrite operations.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Note
scripts/sync.sh
bypy syncdown "$source_path" "$target_path" ... bypy syncup "$source_path" "$target_path" ... bypy sync "$source_path" "$target_path"

The sync wrapper passes user-supplied paths to bypy for cloud-to-local, local-to-cloud, or bidirectional synchronization.

User impact: A mistaken path or unintended sync direction could copy, overwrite, or propagate files between the local machine and Baidu Netdisk.
Recommendation: Use explicit paths, review sync direction carefully, and be especially cautious with bidirectional sync or force/overwrite options.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
SKILL.md
"requires": { "bins": ["bypy"] }, "install": [{ "kind": "pip", "package": "bypy" }]

The skill relies on an external bypy CLI package and the artifact does not pin a specific package version.

User impact: Security depends partly on the installed bypy package and where it is obtained from.
Recommendation: Install bypy from a trusted package source, consider pinning a known-good version, and keep it updated.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Note
SKILL.md
First use requires **authorized login** ... authorize once and it remains valid long-term (until the Baidu token expires) ... authorization information is saved in the local `~/.bypy/` directory

The skill requires Baidu account authorization and stores a reusable local token, which is expected for this integration but grants account-level cloud file access through bypy.

User impact: Anyone or any agent process able to use the local bypy authorization may access the Baidu Netdisk content available to that token.
Recommendation: Authorize only an intended Baidu account, keep ~/.bypy/ private, and revoke or refresh the token if you no longer trust the environment.