Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
weizhao-vip-search
v1.0.0
Search for products on VIP.com (唯品会): guide the user to log in, then call the search API to fetch products matching a keyword.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw
Verdict: Suspicious (medium confidence)
Purpose & Capability
The skill claims to perform searches on VIP.com and includes a Python script that issues a request to a VIP domain using a Cookie header. Requiring a session cookie is plausible for accessing logged-in-only endpoints, so the capability matches the purpose — however, asking users to provide raw session cookies is a sensitive design choice and should be justified or replaced by safer alternatives (e.g., an official API key, OAuth, or a local-only execution model).
Instruction Scope
SKILL.md explicitly instructs the user to extract the full 'Cookie:' header from their browser and send it to the agent, then demonstrates invoking the script with the cookie as a command-line argument. This expands the agent's scope to collecting sensitive credentials from users. Passing cookies on the command line is insecure (visible in process listings) and the instructions encourage possible long-term storage or transmission of session tokens. Although the script itself only queries VIP.com and prints the response, the instructions create a real exfiltration risk.
Install Mechanism
Instruction-only install (no install spec). The skill ships a small local Python script and does not download arbitrary third-party artifacts or execute installers. This is low-risk from an installation perspective.
Credentials
No environment variables or external credentials are declared, yet the runtime flow requires the user to hand over a full session cookie (sensitive credential). Requiring the cookie may be necessary for the stated purpose, but the skill offers no safer alternatives, no guidance to limit scope of the cookie (ephemeral session), and instructs insecure handling (CLI arg). This is disproportionate from a privacy/credential standpoint and increases risk if the cookie is misused.
Persistence & Privilege
The skill is not 'always' enabled and does not claim to modify other skills or global settings. It does not request persistent system privileges. Autonomy is allowed by default, but nothing in the package itself requests elevated or persistent privileges.
What to consider before installing
This skill does what it says (search VIP.com) but asks you to copy and paste a full logged-in browser Cookie — which is effectively a secret that can grant access to your account. Before installing or using it:
- Do NOT paste your full session cookie into chat. Prefer running the included script locally on your own machine and passing the cookie only on your machine (and preferably by a safer method than a command-line argument, e.g., read from stdin or a temp file with restricted permissions).
- Inspect the included script (scripts/search_vip.py) yourself — it currently only contacts VIP.com, but any code can be changed to exfiltrate cookies elsewhere. Only run the exact source you reviewed.
- Use a throwaway/ephemeral login session if possible, or create a temporary account/session that you can revoke afterwards. After use, log out and/or invalidate the session from your account settings.
- Note the example command uses a hardcoded local path — ensure you run the script from the repository path (or adjust the path) rather than copying the example verbatim.
- Prefer safer alternatives: use public search pages that don't require login, or an official API/OAuth flow if VIP.com provides one.
If you are not comfortable handling session cookies or cannot ensure you'll run the reviewed script locally, do not provide your cookie to this skill.
latest · vk9789wx631hk1wc1g6zykh6e6h83h6d9
