zadig
WarnAudited by ClawScan on May 10, 2026.
Overview
This is mostly a coherent Zadig API client, but it contains under-disclosed shell execution and can send a powerful Zadig token over non-HTTPS connections.
Review index.js before installing. Only use an HTTPS Zadig URL, create a least-privilege API token, and require manual confirmation for project deletion, deployments, cluster changes, and user or role changes. The shell execution path should be removed or fully explained and constrained before trusting this skill.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If that code path is invoked, the skill can run local shell commands beyond the stated API-client behavior.
The code contains synchronous shell command execution, while the skill documentation and package permissions only disclose environment-variable access and network calls to Zadig.
output = execSync(cmd, { encoding: 'utf8', timeout: 15000 });Remove the shell execution or replace it with direct API calls. If it is truly required, document it clearly, constrain allowed commands, sanitize all arguments, and require explicit user approval.
A misconfigured http:// Zadig URL could expose the API token and any DevOps permissions it grants.
The client chooses the plain HTTP library for non-HTTPS URLs while still sending the Zadig bearer token, despite the package declaring network:https and describing HTTPS-only calls.
const isHttps = url.protocol === 'https:'; const lib = isHttps ? https : http; ... 'Authorization': 'Bearer ' + API_KEY
Enforce HTTPS by rejecting non-https ZADIG_API_URL values, and use a least-privilege Zadig token.
Mistaken or over-broad agent use could delete projects, trigger or cancel workflows, change clusters, or modify users and roles.
The skill exposes destructive and administrative DevOps operations. This matches the stated DevOps automation purpose, but these actions can materially change deployments and account permissions.
| 项目 | 创建/查询/删除项目 | | 工作流 | 触发/查询/取消/重试/审批工作流 | | 集群 | 管理 Kubernetes 集群 | | 权限 | 用户、角色、成员管理 |
Use a scoped token, set a default project/environment where possible, and require explicit confirmation before destructive, deployment, or permission-management actions.