Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
QingLong Panel
v1.0.1
Manage QingLong (青龙) panel — cron jobs, environment variables, scripts, dependencies, logs and system operations.
by @nnnnzs
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
Name/description, required binaries (curl, jq), required env vars (QINGLONG_URL, QINGLONG_CLIENT_ID, QINGLONG_CLIENT_SECRET) and the included scripts all align with a QingLong Open API management tool. The script implements the API calls described in SKILL.md and references the documented QingLong endpoints.
Instruction Scope
SKILL.md instructs the agent/user to run the included scripts and to place API credentials into environment variables or openclaw.json. The runtime script reads those env vars and performs API operations (including system-level endpoints like /system/command-run and /system/auth/reset if the client app has the 'system' scope). It also caches a bearer token to a file under the user's cache directory — expected for this use but worth noting.
Install Mechanism
No remote install or third‑party download is declared (instruction-only skill with a bundled shell script). No archives or external installers are executed during install, so nothing is pulled from arbitrary URLs during installation.
Credentials
The three environment variables requested are appropriate for an Open API wrapper. However SKILL.md explicitly tells users to create an application and select scopes; granting broad scopes (notably 'system') gives the skill power to run commands or reset auth on the QingLong host. The script also writes a bearer token to disk (~/.cache/qinglong/token), which is sensitive and should be protected. Storing client credentials in openclaw.json or shell rc files means they will be on disk in plaintext.
Persistence & Privilege
The skill is not marked always:true and does not request system-wide config changes beyond storing its own env settings in OpenClaw config as documented. Note the skill permits autonomous invocation by the agent (platform default); combined with wide QingLong scopes this enables potentially destructive actions, but that capability derives from the granted API scopes rather than an unexpected platform privilege.
Assessment
This skill appears to do what it says: it wraps the QingLong Open API and includes a shell script that caches a bearer token and issues API calls. Before installing:
1) Verify the skill source (the registry metadata shows no public homepage and an opaque owner ID—review the GitHub repo referenced in the docs yourself).
2) When creating the QingLong application grant the minimum scopes needed (avoid 'system' unless you explicitly want remote command execution or auth reset).
3) Treat QINGLONG_CLIENT_ID/SECRET as sensitive: avoid storing them in shared config files if you can, and limit file access to your user.
4) Be aware the script caches a bearer token to ~/.cache/qinglong/token — rotate/revoke credentials if that file is exposed.
5) If you allow the agent to call this skill autonomously, consider restricting the agent's permission/usage or reviewing logs, since API credentials with broad scopes could be used to run commands or change system state on the panel.
If you want a higher assurance level, ask the skill author for a verified repository and a reproducible audit of the script.
Like a lobster shell, security has layers — review code before you run it.
latestvk9759y4tbn2ka05bya3f19qenx83h0sa
Runtime requirements
🐉 Clawdis
Bins: curl, jq
Env: QINGLONG_URL, QINGLONG_CLIENT_ID, QINGLONG_CLIENT_SECRET
