Qinglong Skills
Security checks across malware telemetry and agentic risk
Overview
This is a coherent QingLong admin tool, but it gives the agent very powerful panel control, including command execution and auth reset.
Install only if you want an agent to administer your QingLong panel. Use a dedicated least-privilege API application, avoid the `system` scope unless you truly need it, and require explicit confirmation before any command execution, credential reset, script change, dependency install, or delete operation.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If granted broad QingLong scopes, the agent could execute commands on the QingLong panel environment or reset panel credentials if it misinterprets a request or follows an unsafe prompt.
The skill exposes QingLong system command execution and auth reset through the agent-facing command reference. These are powerful admin actions, and the instructions only explicitly require confirmation for delete operations.
scripts/ql.sh system command-run --command "task test.js" # Run command
scripts/ql.sh system auth-reset --username admin --password newpass
Use a least-privilege QingLong application, avoid granting the `system` scope unless necessary, and require explicit user confirmation before command-run, auth reset, update/reload, dependency install, or script write/run operations.
The skill can act with whatever QingLong API permissions the configured application has.
The skill requires QingLong API credentials and may be configured with broad scopes, including `system`. This is expected for panel management but materially affects the agent's authority.
Select the scopes you need (e.g. crons, envs, scripts, logs, system)
...
`QINGLONG_CLIENT_ID` | Open API Client ID
`QINGLONG_CLIENT_SECRET` | Open API Client Secret
Create a dedicated QingLong application for this skill and enable only the scopes needed for the tasks you plan to delegate.
Anyone or any process that can read the token cache may be able to reuse the QingLong API token until it expires.
The wrapper persists the QingLong bearer token in a local cache file for reuse. That is purpose-aligned, but the token is sensitive auth state.
TOKEN_CACHE_FILE="$TOKEN_CACHE_DIR/token"
...
echo "{\"token\":\"${token}\",\"expiration\":${expiration}}" > "$TOKEN_CACHE_FILE"
Protect the cache directory permissions, avoid sharing the environment with untrusted processes, and use `scripts/ql.sh token clear` when you no longer need the cached token.
