Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Z.AI Coding Plan Setup
v1.0.0Configure OpenClaw to use Z.AI GLM Coding Plan models with optimal settings, region selection, API key setup, model choice, and MCP tools for enhanced coding...
⭐ 0· 70·0 current·0 all-time
by@nelmaz
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill's name and description (configure OpenClaw to use Z.AI GLM models) match the SKILL.md content: it tells you how to set the endpoint, model, and config. However the registry metadata declares no required environment variables or primary credential while the instructions explicitly require a ZAI_API_KEY and endpoints — a clear metadata/instruction mismatch.
Instruction Scope
The SKILL.md tells the agent/user to edit ~/.openclaw/openclaw.json, set ZAI_API_KEY, enable tooling (filesystem, shell, browser), change config values (context tokens), restart the gateway, and 'install Z.AI MCP Tools'. Editing the user OpenClaw config and enabling shell/filesystem tools is within the functional scope of creating a coding agent but also grants broad local access. The guide does not show how MCP tools are installed and gives no verification steps for downloaded components.
Install Mechanism
This is instruction-only with no install spec or code files, so nothing will be automatically downloaded or written by the skill itself. That lowers installation risk. However the doc references installing MCP tools but provides no install commands or verified source URLs.
Credentials
The instructions require a ZAI_API_KEY environment variable and suggest endpoints for international/China regions, but the skill metadata declares no required env vars or primary credential. Requiring an API key is proportionate to the stated purpose, but the omission from metadata is an inconsistency that prevents automated gate checks and user warnings. Also enabling tools like 'filesystem' and 'shell' effectively escalates what the agent can access relative to simply using a model API key.
Persistence & Privilege
The skill does not request always:true and is user-invocable only. It instructs editing the user's OpenClaw config file (~/.openclaw/openclaw.json) and restarting the gateway, which is normal for configuring a runtime integration and is limited to the user's OpenClaw instance rather than system-wide privilege escalation.
What to consider before installing
This skill's instructions look like a legitimate guide to configure OpenClaw with Z.AI models, but several things don't add up and you should be cautious: (1) The guide requires a ZAI_API_KEY but the skill metadata doesn't declare any required credentials — ask the publisher to declare the env var so automated checks can warn you. (2) The instructions ask you to enable tools like filesystem and shell for the agent; those grant the agent broad local access — only enable them if you trust the model provider and the agent's behavior. (3) The SKILL.md mentions installing MCP tools but includes no verified install commands or URLs; before running any install steps, verify official installation instructions from Z.AI or bigmodel.cn and prefer official release pages. (4) Back up ~/.openclaw/openclaw.json before making edits and validate configs with openclaw config validate. If you do not trust the skill source or cannot verify the endpoints and MCP tools, do not apply the changes. If you want to proceed safely, request the author to (a) add ZAI_API_KEY to the skill's declared requirements, (b) provide explicit, verifiable install steps or links for MCP tools, and (c) document why shell/filesystem/browser tools are needed and how to limit their scope.Like a lobster shell, security has layers — review code before you run it.
latestvk973kfa00whq5d26ebhebkfpan83b2jh
License
MIT-0
Free to use, modify, and redistribute. No attribution required.