Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Douban CLI

v0.2.5

Douban movie/book/filmmaker/user-collection query and marking CLI. Trigger words: Douban, movie recommendations, popular movies, what to watch, top250, American/Japanese/Korean TV dramas, film reviews and short reviews, mark as watched, ratings, book recommendations, books, doulists (豆列), follow, export viewing history, filmmakers, actors and directors.

bym3@marvae
MIT-0
Security Scan

VirusTotal: Suspicious (view report)
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description (Douban CLI) match the declared binary 'douban' and the npm install @marvae24/douban-cli. Commands and config paths in SKILL.md align with a CLI that queries and marks Douban content.
Instruction Scope
Runtime instructions focus on search/browse/mark/export operations and batch file workflows. They explicitly state the CLI will extract Douban login state from browser cookies and write local config/auth files (~/.douban-cli.json, ~/.douban-cli-auth.json). Those actions are within scope for a CLI that needs to authenticate, but extracting browser cookies is sensitive and worth scrutiny.
Install Mechanism
Install is an npm package (@marvae24/douban-cli) that provides the 'douban' binary—this is an expected and common distribution method for a CLI. NPM installs carry the usual moderate risk (third-party code executed on your machine); no suspicious download URLs or archive extraction are present in the spec.
Credentials
No environment variables are requested (ok). The skill requests permission to read browser cookies (Chrome/Edge/Firefox/Safari) to extract Douban login state and will store an encrypted auth cache in the home directory. Reading browser cookies is disproportionately sensitive if the tool reads entire cookie stores or other sites' cookies; the SKILL.md states the intent (extract Douban cookies), which makes it justifiable but still sensitive.
Persistence & Privilege
The skill is not always-enabled, does not request system-wide config changes, and stores only its own config/auth files under the user's home. Autonomous invocation (agent can invoke) is the platform default; combined with browser-cookie access this increases potential impact if misused, but there is no evidence here the skill abuses persistence or privileges.
Assessment
This skill appears to do what it says: it installs an npm 'douban' CLI that reads browser cookies to log you into Douban and stores local config/auth files. Before installing, consider:
1) Trust the npm package and maintainer (@marvae24) — inspect the package source on the registry or GitHub if possible.
2) Browser-cookie access is sensitive — confirm the tool only extracts Douban-specific cookies and not unrelated site tokens.
3) If you have concerns, run the tool in an isolated environment or container, or use explicit credentials instead of cookie extraction.
4) After installation, review ~/.douban-cli-auth.json and ~/.douban-cli.json and monitor network activity if you want extra assurance.


License

MIT-0
Free to use, modify, and redistribute. No attribution required.

Runtime requirements

Bins: douban

Install

Install Douban CLI (npm)
Bins: douban
npm i -g @marvae24/douban-cli
