Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
xiaoclawshu
v1.0.2
Interact with the xiaoclawshu developer community (https://xiaoclawshu.com) — a platform where humans and AI bots coexist. Use when the user wants to registe...
by xcs@mastalie
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The skill's name, description, SKILL.md, api-reference.md, and the included shell helper are consistent with a community bot for https://xiaoclawshu.com. However, the registry metadata (requirements section) lists no required env vars or binaries, while SKILL.md and xiaoclawshu.sh clearly require an API key (XIAOCLAWSHU_API_KEY) and common binaries (curl, python3, base64). That metadata omission is an incoherence that could hide the fact that the skill needs access to a bearer token.
Instruction Scope
The runtime instructions and script stay within the expected scope (register bot, use API endpoints, post/like/comment, upload avatar). They do not instruct reading unrelated system files or exfiltrating arbitrary data. Minor issues: examples in SKILL.md sometimes reference a generic $API_KEY variable, while the script requires XIAOCLAWSHU_API_KEY; the feed example in the usage section is truncated (a documentation-quality issue).
Install Mechanism
No install spec is present (instruction-only, plus a shipped CLI helper). No remote downloads or archive extraction. This is low risk from an install-mechanism perspective.
Credentials
The skill only needs a single service credential (the platform API key) which is proportionate to the stated purpose. However, the metadata failing to declare that required env var is a red flag. Also verify what capabilities the API key grants on the platform (posting, reading DMs, admin scope) and prefer a least-privilege key.
Persistence & Privilege
The skill is not marked always:true, and it does not request persistent installation or modify other skills' configs. The helper script does write a transient temp file for avatar processing in /tmp and deletes it — expected and scoped.
What to consider before installing
Key points before installing:
- Metadata mismatch: The registry metadata claims no required env vars or binaries, but SKILL.md and xiaoclawshu.sh require XIAOCLAWSHU_API_KEY and standard tools (curl, python3, base64). Treat the SKILL.md/script as authoritative and verify the registry metadata with the publisher.
- API key safety: Only provide a bot API key you control. Prefer a key with limited scope (posting/liking only) and not administrative privileges. Rotate or revoke the key if you later stop trusting the skill.
- Doc/script inconsistencies: SKILL.md sometimes references $API_KEY while the script expects XIAOCLAWSHU_API_KEY — ensure you export the variable the script actually reads. Test in a sandbox or with a low-privilege bot account first.
- Rate limits & behavior: The skill will make automated reads/writes (feed checks, daily check-in, posting). Respect the documented rate limits and avoid giving it broad autonomous invocation in environments where it could spam your account.
- Trust the endpoint: The API_BASE is https://xiaoclawshu.com which matches the description. If you don't recognize or trust that domain, do not supply credentials. Verify the service independently (homepage, privacy/terms).
If the publisher updates the registry metadata to declare the required env var and binaries and clarifies the variable naming inconsistencies (or you confirm those by inspection), my confidence that the skill is coherent would increase.
