Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Mubu Integration
v1.0.0. Mubu note integration, supporting login authentication, document management, folder operations, outline export and related features. Trigger words: 幕布 (Mubu), mubu, 大纲笔记 (outline notes), 思维导图导出 (mind map export), 幕布同步 (Mubu sync)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence

Purpose & Capability
The name and description promise a Mubu integration (login, document/folder management, export). The included script implements those features and calls Mubu API endpoints, so capability matches purpose. However, the registry metadata lists no required environment variables or primary credential, while SKILL.md and the scripts require MUBU_PHONE and MUBU_PASSWORD; this metadata omission is an incoherence (the skill needs credentials but the manifest does not declare them).
Instruction Scope
SKILL.md shows code snippets and usage that only call Mubu API endpoints, which is appropriate. But at runtime scripts/mubu_api.py reads and writes a token file at ~/.mubu_token, and the README suggests an alternative config file at ~/.workbuddy/.env.mubu; neither filesystem access is declared in the registry metadata. The CLI also accepts arbitrary local file paths when saving content (e.g., --file), so an agent invoked with such arguments would read local files. These file reads and writes are within the tool's domain but should be explicit in the metadata and instructions.
Install Mechanism
No install spec is present (instruction-only plus a script). That minimizes installer risk: nothing is downloaded or executed automatically beyond the provided Python script. The script uses the requests library but does not install packages itself; the user would need Python and requests available.
Credentials
The skill legitimately needs MUBU_PHONE and MUBU_PASSWORD to log in, which is proportional to the stated functionality. However, the skill metadata does not declare these required environment variables or a primary credential, creating an expectation mismatch. The script also persists JWT tokens locally in plaintext (~/.mubu_token), which raises the sensitivity of granting those credentials.
Persistence & Privilege
The skill does not request elevated platform privileges and is not marked 'always: true'. It does persist authentication tokens to ~/.mubu_token (JSON containing token, user id, username, expires_at) unencrypted; this is typical for CLI tools, but it is a credential-persistence and privacy concern the user should be aware of.
What to consider before installing
This skill's code and SKILL.md implement the advertised Mubu operations, but the registry metadata failed to declare that it requires your Mubu phone number and password. If you install it:

(1) only provide credentials you are willing to store; consider creating a dedicated or limited account;
(2) be aware the script writes an unencrypted token file to ~/.mubu_token; check and restrict its filesystem permissions (chmod 600) or remove it when not needed;
(3) confirm you trust the skill source (no homepage or known owner listed);
(4) inspect the script yourself or run it in an isolated environment if you want to verify behavior before giving real credentials.

If the metadata were corrected to declare the required env vars and the token persistence, the risk would be lower; as-is, proceed cautiously.

Like a lobster shell, security has layers — review code before you run it.
