Skill v0.2.0
ClawScan security
1688-88syt · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 27, 2026, 2:49 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, runtime instructions, and requested credential (SYT_API_KEY) are coherent with its stated purpose (managing 88 生意通 / 1688 offline B2B purchase-order flows); there are no unexplained external dependencies or suspicious network endpoints.
- Guidance: This skill appears to do what it says: it communicates with the 1688/88 生意通 gateway and needs your SYT_API_KEY (AK). Before installing, ensure: (1) you trust the source and will only provide an AK from a trusted ClawHub account; (2) you are comfortable that `configure` may write the AK to your OpenClaw config (~/.openclaw/openclaw.json) or call a local gateway API if OPENCLAW_GATEWAY_URL/OPENCLAW_GATEWAY_TOKEN are set; (3) the skill will perform state-changing actions (create-order, sign-order, refund, confirm-receipt); the SKILL.md requires explicit user confirmation for those, but verify your agent enforces that; (4) logs may include API response content in error paths (there is a debug print in the HTTP error handler), so avoid putting highly sensitive data in requests unless you accept that risk. If you want higher assurance, review the full repository locally (especially _auth.py, configure/service.py, and _http.py) and test in a safe environment before using with production credentials.
Review Dimensions
- Purpose & Capability: ok
  - Name/description (88 生意通 / 1688 offline B2B flows) match the implemented capabilities (create order, sign, refund, query account/contract). Required binary (python3) and primary credential (SYT_API_KEY) are appropriate and expected.
- Instruction Scope: note
  - SKILL.md instructs the agent to run local CLI commands and to request an AK from the user, consistent with the code. The runtime docs require reading multiple reference docs before first use (reasonable). The code does read the OpenClaw config file (~/.openclaw/openclaw.json or OPENCLAW_CONFIG_DIR) as a fallback for the AK; this is logical but means the skill will access that config file at runtime.
- Install Mechanism: ok
  - This is an instruction/code-only package requiring Python; there is no network install step that downloads/extracts arbitrary archives. All sources are included in the bundle.
- Credentials: note
  - Only the primary credential SYT_API_KEY is required. The skill also reads optional environment variables used to locate or update the OpenClaw gateway (OPENCLAW_CONFIG_DIR, OPENCLAW_GATEWAY_URL, OPENCLAW_GATEWAY_TOKEN). These are plausible for configuring where the AK is stored, but be aware that the configure command can write the AK into the global openclaw.json or call a local gateway API.
- Persistence & Privilege: note
  - `always: false` (no forced global inclusion). The configure capability will persist the AK by PATCHing a gateway endpoint (if available) or writing openclaw.json in the user's config directory. This is expected for an auth/configure flow, but it does modify a global configuration file that can affect other skills, so exercise normal caution when granting write access.
