Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cmb Salary Import

v1.2.0

China Merchants Bank (CMB) batch salary import tool. Triggered when the user mentions "招行工资导入" (CMB salary import), "工资表导入银行模板" (import payroll sheet into bank template), "AgencyPayment", "批量代发" (batch agency payment), or "工资文件导入银行" (import salary file into bank). Function: fills the after-tax net pay, name, bank card number, opening bank and other fields from the payroll sheet (工资.xlsx) into the bank agency-payment template (AgencyPayment.xlsx) without altering its format. Supports: reading any...

0 · 81 · 0 current · 0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The code implements salary→AgencyPayment import as described (uses openpyxl and direct XLSX XML edits). However the skill also integrates a third‑party billing flow (SkillPay) with a hardcoded API key present in both SKILL.md and handler.py — billing is plausible for a paid skill but the key/credential handling is inconsistent with the registry metadata (which lists no required env vars) and is surprising for an install-less instruction-only package.
Instruction Scope
SKILL.md exposes an API key and SKILL_ID. The runtime code performs network calls to SkillPay and spawns subprocesses that call pack/unpack helper scripts at an absolute path (/mnt/c/Users/70426/.openclaw/skills/minimax-xlsx/...). The skill will read arbitrary files given by the user (salary/template) and writes to /tmp and output paths — acceptable for the task, but the absolute helper-script paths and embedded billing key extend scope beyond a simple local conversion tool.
Install Mechanism
There is no install spec. The scripts require Python packages (openpyxl, lxml) and external minimax-xlsx helper scripts (xlsx_unpack.py/xlsx_pack.py) but those aren't provided or declared as dependencies. The code calls those helpers via hardcoded absolute paths, which is fragile and potentially dangerous if an attacker can supply/replace those scripts on the host.
Credentials
Registry metadata declares no required env vars, but handler.py reads/uses SKILLPAY_API_KEY, SKILLPAY_API_URL, and SKILLPAY_SKILL_ID (with defaults). A full API key is committed into SKILL.md and as a default in code — this is disproportionate and risky because it causes billing/network behavior without an explicit credential requirement or user-provided key.
Persistence & Privilege
always:false is set, and the skill does not request persistent presence or modify other skills. It writes temporary files under /tmp and outputs an XLSX file; this behaviour is consistent with a conversion/import tool and does not escalate agent privileges.
What to consider before installing
This skill likely does what it claims, but several red flags mean you should not run it on production payroll or sensitive machines without checks. Key points:
(1) SKILL.md and handler.py include a hardcoded SkillPay API key and default billing endpoint. This means payments/requests could be routed to an external account you don't control; consider removing the embedded key and supplying your own SKILLPAY_API_KEY via environment variables if you intend to use billing.
(2) The scripts rely on minimax-xlsx xlsx_unpack.py/xlsx_pack.py via an absolute, user-specific path that won't exist on most systems. Inspect or provide these helper scripts from a trusted source before running.
(3) There is no install spec for Python deps (openpyxl, lxml); install these in a sandbox first.
(4) Because the code calls subprocess on external scripts and makes outbound HTTP requests, run it in an isolated environment with sample (non-sensitive) data, review the network endpoint (https://skillpay.me) and the owner of the embedded API key, and replace or remove the payment integration if you don't want external billing.
If you need help making the skill installable and safe (adding dependency declarations, removing embedded keys, or using a local pack/unpack implementation), ask the author for an updated package or request source provenance before use.



