Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
jd-finance
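v1.0.0
JD Finance service platform - one-stop management of wealth-management products, JD Baitiao, JD Jintiao, insurance services, credit cards, and investments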
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The description and examples imply access to user-specific account data and transaction capabilities (view holdings / repay / borrow / purchase). However the skill declares no credentials, no API endpoints, and no install steps — there is no explained mechanism for accessing a user's JD account, which is disproportionate to the claimed functionality.
Instruction Scope
SKILL.md is high-level and contains example queries and feature lists but does not instruct the agent to call JD APIs, request credentials, or read local files. That makes the instructions internally vague: if the agent is expected to answer account-specific queries, the skill provides no guidance on how to obtain or use authenticated data.
Install Mechanism
No install spec and no code files — lowest-risk delivery model. Nothing will be written to disk by the skill itself.
Credentials
The skill requests no environment variables or credentials despite describing actions that would require account authentication. Either the skill is only informational (which should be made explicit) or it omits necessary auth requirements — both are problematic for user expectations and security.
Persistence & Privilege
Defaults are used (not always:true). The skill can be invoked by the agent autonomously, which is normal and not in itself a red flag.
What to consider before installing
This skill reads like a product description rather than a functioning connector. Before installing or using it:
1) Ask the author how it accesses user accounts — does it use official JD APIs/OAuth? Where are credentials kept?
2) Never paste passwords or API keys into chat; prefer OAuth flows or platform-managed credentials.
3) If the skill later asks you to provide account credentials directly, treat that as a red flag and decline.
4) Prefer skills with a homepage, source repository, or clear auth instructions; the absence of those details is why this is suspicious.
Like a lobster shell, security has layers — review code before you run it.
latestvk97ebxmvbaytf6c0mwghs6xv1n84238d
