inquiry analyzer
Suspicious. Audited by ClawScan on May 10, 2026.
Overview
The skill appears purpose-built for Alibaba inquiry reporting, but it uses a logged-in browser session with a hard-coded relay token and undeclared runtime dependencies, so it should be reviewed before installation.
Install only if you are comfortable giving the skill access to a logged-in Alibaba/OpenClaw browser profile and storing inquiry/chat data locally. Prefer a dedicated browser profile, verify the runtime dependencies, and review generated files for sensitive customer information.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill can read and operate inside the user’s logged-in Alibaba browser session, including customer inquiries and related account data.
The analyzer authenticates to the local OpenClaw browser bridge with a hard-coded token. Because the workflow requires the user to be logged into Alibaba, this grants the skill automation access to an authenticated business account without a clearly declared credential boundary.
const RELAY_TOKEN = '856baea1afbe169e5eec0f6ecb5b90c77ddeb06b2abe1154'; ... const OPENCLAW_CDP_URL = 'http://127.0.0.1:18800'; ... headers: { 'x-openclaw-relay-token': RELAY_TOKEN }
Use only with a dedicated browser profile/account, rotate or externalize the relay token, and ensure the skill declares and documents this session access clearly.
The skill may fail or may use whatever playwright-core package is available in the local environment, which weakens reproducibility and dependency trust.
The code requires an external runtime package, but the provided install specification contains no package install step or lockfile, and the SKILL.md claims the skill is self-contained with no external dependencies.
const { chromium } = require('playwright-core');
Add a pinned package manifest/lockfile, or document the exact trusted runtime dependency expected from OpenClaw.
Running the OKKI command may initiate background checks for multiple inquiries rather than only viewing existing data.
The OKKI workflow can automatically click the button to start a background investigation. This is aligned with the stated OKKI background-analysis purpose, but it is still an account action performed by browser automation.
if (el.children.length === 0 && el.textContent.trim() === '发起背调') { el.click(); return true; }
Confirm the inquiry range and OKKI account implications before running, especially if background checks have cost, quota, or compliance impact.
Installing and invoking the skill runs included JavaScript files on the local machine.
The entry script spawns a Node process to run the analyzer. This is expected for the skill’s local-script design and uses an argument array rather than a shell string, but it is still local code execution.
const child = spawn('node', args, { stdio: 'inherit', cwd: workingDir });
Review the included scripts and run the skill only from a trusted package location.
Customer conversations and inquiry details may remain on disk after the analysis is complete.
The skill documents that it writes raw chat records to local files, along with reports and cache files. This is purpose-aligned, but it creates persistent local copies of sensitive inquiry/customer context.
| Chat records | chats/inquiry-*.txt | Raw chat record text |
Store outputs in a protected location, delete old reports/chats when no longer needed, and avoid running on shared machines.
