v1.0.2

三峰智能

ClawScan verdict for this skill. Analyzed May 1, 2026, 8:16 AM.

Analysis

This smart-home skill is purpose-aligned, but it asks for account credentials, stores a bearer token persistently, and can issue real device/scene commands with broad triggers.

Guidance: Review carefully before installing. Use this only if you trust the publisher and the open.aibasis.cc service, and understand that your smart-home login token and device list may be saved locally and used to perform real device or scene actions.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
"When the user says any mode or scene name, invoke this skill ... All operations call the real API and do not return simulated or fabricated results."

The invocation scope is broad and can turn ordinary scene/mode names into real API actions, with no visible confirmation requirement before device or scene execution.

User impact: A mistaken or ambiguous phrase could cause real smart-home actions, such as running a scene or controlling devices.
Recommendation: Require explicit confirmation for scene execution and device changes, especially for plugs, curtains, HVAC, or ambiguous scene names.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
metadata
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.

The skill’s implementation is visible as instructions, but there is limited provenance information for a credential-handling smart-home integration.

User impact: Users have less independent information to verify that the skill publisher and referenced service are trustworthy.
Recommendation: Verify the publisher and the SUFN service endpoint before entering account credentials.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
SKILL.md
"Trigger phrase: `三峰登录 账号 密码` (Sanfeng login, account, password) ... Authentication: every endpoint adds the header `Authorization: Bearer <token>`"

The skill requires the user’s smart-home account credentials and then uses a bearer token for authenticated account actions; this is high-impact account authority, and the supplied metadata declares no primary credential.

User impact: Installing and using the skill gives the agent access to a smart-home account token that can control the user's home devices.
Recommendation: Only use this if you trust the publisher and endpoint; the skill should declare its credential requirement clearly and document the exact account scope and token handling.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: High | Confidence: High | Status: Concern
SKILL.md
"Login state and device data are persisted in `{baseDir}/state.json` ... `token = $token; home = ...; devices = ...; rooms = ...; scenes = ...`"

The skill persistently stores an authentication token and home/device inventory in a local state file, but the artifact does not describe protection, expiration, deletion, or logout handling.

User impact: A saved token and home inventory may remain available for later agent actions or disclosure if the state file is exposed.
Recommendation: Store only the minimum needed data, protect or avoid persisting bearer tokens, and provide clear logout/delete-state instructions.