Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

5GC Web Dashboard Automation

v2.0.0

5GC web dashboard automation skill; supports batch adding and editing of AMF/UDM/AUSF/SMF/PGW-C/UPF/PGW-U/GNB/UE/PCF/NRF

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description (5GC web dashboard automation) match the included scripts: many Playwright-based Node.js scripts to add/edit AMF/UDM/SMF/UPF/GNB/UE/PCF/NRF. No unrelated cloud credentials, binaries, or services are requested.
Instruction Scope
Runtime instructions and scripts operate on the web dashboard at https://192.168.3.89 and save/reuse Playwright storageState (session cookies and localStorage). The repo contains hard-coded default credentials (dotouch@dotouch.com.cn / dotouch) and a .json session file with cookie/localStorage values (including base64-encoded tokens). SKILL.md and scripts instruct creating and reusing .sessions/ files under the skill directory — this stores authentication tokens on disk. While session persistence is expected for automation, bundling session tokens and credentials in the skill package is unexpected and risky.
Install Mechanism
No install spec or remote downloads are declared. This is an instruction-and-script package that requires Node.js and Playwright to be installed by the user — a low-risk install mechanism. No external archives or third‑party package installs are embedded by the skill itself.
Credentials
The skill declares no required environment variables or external credentials, which is coherent. However, the scripts contain hard-coded login credentials and an included session storage file with cookies/localStorage (including an auth.token). Embedding these credentials/session tokens inside the package is unnecessary for a generic automation skill and could leak access if the dashboard is real. The skill also writes session state to .sessions/ under the skill directory (expected for Playwright reuse) — users should be aware this persists credentials locally.
Persistence & Privilege
The skill is user-invocable, not always:true. It persists session state in its own .sessions/ folder (normal for Playwright-based automation). It does not request system-wide config edits or other skills' credentials. The 'spawn' calls use shell: true to invoke child node processes (standard for delegating to sub-scripts) — be cautious if untrusted input could reach those shells.
Scan Findings in Context
[base64-block] unexpected: A base64-like block was detected (pre-scan flagged). The repository contains Playwright storageState data (cookies and localStorage) and auth tokens that include base64-encoded blobs. Storing such tokens in package files or SKILL.md is not necessary for distributing an automation skill and can leak credentials. This finding is consistent with the included scripts/session JSON and should be treated as a sensitive disclosure rather than benign content.
What to consider before installing
This skill appears to implement the claimed 5GC web dashboard automation, but exercise caution before installing:
- Sensitive artifacts: the package includes hard-coded login credentials (dotouch@dotouch.com.cn / dotouch) and a Playwright storageState JSON containing cookies and an auth.token (base64-like). If the target dashboard is real, these files provide direct access and should not be shipped or trusted. Delete or rotate any embedded credentials and remove the .sessions/*.json files before use.
- Local persistence: the scripts will save session storage to a .sessions/ directory inside the skill, which stores authentication tokens on disk. Be aware this is persistent and accessible to anyone with access to the host filesystem.
- Network scope: the scripts only target the dashboard URL (default https://192.168.3.89). Confirm that this is the intended, isolated test environment and not a production system you shouldn't automate with third-party code.
- Code review: because this skill executes Node.js code (Playwright) from the skill package, only install it from a trusted source. Inspect the omitted/remaining files before running. Note the string literal 'REPLACED' seen in one script — confirm whether that is intentional or a placeholder that alters behavior.
- Runtime safety: the CLI uses child process spawning with shell: true. Avoid passing untrusted input to the CLI to prevent shell-injection risk.
If you need to proceed: remove or regenerate embedded credentials/session tokens, run the scripts in an isolated environment (network-restricted VM or container) against a known test instance, and consider running a security audit or executing the scripts step-by-step rather than giving them unfettered access.
scripts/5gc_test_all.js:83
Shell command execution detected (child_process).
scripts/5gc.js:101
Shell command execution detected (child_process).
scripts/5gc_session_192_168_3_89.json:37
Install source points to URL shortener or raw IP.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.
