tuoluo-company-api

Warn

Audited by ClawScan on May 10, 2026.

Overview

This skill mostly matches its stated company API purpose, but it handles company credentials, can create business records, and contains unsafe argument handling that could run unintended local code.

Do not enter real company credentials until you trust the script source. If you use it, prefer a limited-permission account, protect the generated config/token files, and require explicit confirmation before any create/add commands are run.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A maliciously crafted command argument could cause the skill to run unintended code on the user's machine.

Why it was flagged

User/config-controlled values are interpolated directly into a Python program executed with python3 -c instead of being passed as data, so crafted project/task names or IDs could alter the Python code that runs locally.

Skill content

body=$(python3 -c " ... adm = json.loads('$admin_template') ... 'name': '$name', ... 'uid': $uid, ... ")

Recommendation

Generate JSON safely by passing arguments through stdin, environment variables, argparse, or jq; never interpolate untrusted values into python -c source code.

What this means

An agent using this skill could create projects, tasks, or products in the company system, potentially causing incorrect business records.

Why it was flagged

The skill exposes commands that mutate company/business data, while the high-level description emphasizes querying company data and the artifacts do not document approval, confirmation, or rollback controls.

Skill content

`project-add` ... create a project; `task-add` ... create a project task; `product-add` ... add a product

Recommendation

Separate read-only and write-capable commands, require explicit user confirmation before mutations, document needed roles/scopes, and provide rollback or audit guidance.

What this means

Installing and configuring the skill gives it ongoing access to internal company data and any actions allowed by the supplied account.

Why it was flagged

The skill requires platform API credentials and a user login password and persists them/tokens locally, but registry metadata declares no primary credential, env vars, or capability tags.

Skill content

On first run, execute the `setup` command and enter as prompted ... open platform access_key / secret_key ... login phone number + password ... `.api-config.json` and `.token-cache.json` contain sensitive information

Recommendation

Use a least-privilege service account if possible, store secrets in a credential manager or protected environment variables, restrict file permissions, and clearly declare credential requirements in metadata.

What this means

Users have less registry-level context for verifying where the code came from and what local tools it expects.

Why it was flagged

The skill is credential-handling and script-based, but provenance is not provided and the documented jq/curl/python3 dependencies are not reflected in registry requirements.

Skill content

Source: unknown; Homepage: none; Required binaries: none

Recommendation

Verify the script source before entering credentials, and update metadata to declare dependencies, credentials, and a trustworthy homepage/source.