Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Volcano Engine Serverless Flink Skill
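v1.0.4
Unified management skill for Volcano Engine's Flink edition that intelligently routes Flink-related questions to the appropriate sub-skill. It covers the full workflow, including tool management, project configuration, resource management, connection management, job development, job operations, and monitoring and diagnostics. Use this skill as the entrypoint when the user expresses a concrete Fl...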
by Cui Wenzheng @lvheyang
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidence
Purpose & Capability
SKILL.md and many child SKILL.md files clearly require and instruct use of the volc_flink CLI, local config (~/.volc_flink or $VOLC_FLINK_CONFIG_DIR), and (optionally) VOLCENGINE AK/SK/REGION — which is proportionate for a Flink management skill. However the registry metadata provided at the top of the evaluation states 'Required binaries: none' and 'Required env vars: none', creating an incoherence between what the skill claims (manifest) and what it actually needs (instructions). This mismatch reduces trust and should be corrected or explained.
Instruction Scope
The runtime instructions are scoped to Flink management via the volc_flink CLI: checking login state, listing projects, catalog/table inspection, generating CDC YAML, creating drafts, publishing jobs, and diagnosing logs/metrics. The docs explicitly prohibit asking users to paste plaintext AK/SK in chat and emphasize interactive login and redaction rules. I found no instructions that request unrelated system secrets or to exfiltrate arbitrary files or data.
Install Mechanism
This is an instruction-only skill with no install spec and no code files; nothing is downloaded or written to disk by the skill package itself. That is the lowest-risk install model.
Credentials
The skill sensibly references local config paths (~/.volc_flink, $VOLC_FLINK_CONFIG_DIR) and optional environment variables (VOLCENGINE_ACCESS_KEY, VOLCENGINE_SECRET_KEY, VOLCENGINE_REGION) and declares a primary credential 'volc_flink_local_config' in SKILL.md — all expected for a CLI-based cloud integration. The problem: the top-level registry metadata omitted these requirements. Verify whether the platform will actually grant access to those config paths/env vars or whether the metadata omission hides required privileges.
Persistence & Privilege
The skill does not request 'always: true' or other elevated persistence. It does state may_access_config_paths for the user's volc_flink config (reasonable for this purpose). There is no indication the skill self-modifies other skills or system-wide settings.
What to consider before installing
Before installing or enabling this skill:
1) Confirm the registry metadata is reconciled with the SKILL.md (the skill requires the volc_flink CLI and access to ~/.volc_flink / $VOLC_FLINK_CONFIG_DIR and may use VOLCENGINE_* env vars).
2) Only install if you trust the source — there's no homepage or provenance provided.
3) Ensure you have volc_flink from an official release and that the CLI's config directory does not contain sensitive unrelated credentials you don't want the skill to read.
4) When using the skill, avoid pasting AK/SK into chat; prefer interactive login or an enterprise secret-management flow as the docs recommend.
5) If you need higher assurance, test the skill in an isolated environment or ask the owner to correct the manifest so required binaries/env vars are declared explicitly.
Like a lobster shell, security has layers — review code before you run it.
latest vk97cjfcffcf5wp8msffes9q2kn84yejm
