商品归类skill (product-classification skill)
Verdict: Warn. Audited by ClawScan on May 10, 2026.
Overview
This skill appears intended for product/HS-code lookup, but it collects phone numbers, stores them in a local database, sends them together with the user's question over plain HTTP to an external FastGPT service using API keys bundled in the package, and instructs the agent to run a script that is not included.
Review this skill carefully before installing. Only use it if you trust the publisher, understand why a phone number is required, and are comfortable sending that phone number and product questions to the configured FastGPT service. Ask the maintainer to remove bundled API keys, use HTTPS, document data retention/deletion, and fix the missing script reference.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your requests may be sent under someone else's FastGPT account or keys, and those keys could be abused or revoked without your control.
The skill ships provider API credentials in a .env file while the metadata declares no primary credential or required environment variables. Bundled live-looking tokens create account-bound authority that users cannot easily scope or audit.
FASTGPT_API_URL=http://agent.ccorp.cn:16800/api/v1/chat/completions ... AGENT_A_KEY=fastgpt-o89ea0G... AGENT_B_KEY=fastgpt-oWZs42... AGENT_C_KEY=fastgpt-nMVt37...
Do not install as-is unless the publisher explains the credential model; remove bundled secrets, require user-provided scoped credentials, and declare them in metadata.
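The following check is an added example, not ClawScan's scanner and not the skill's code. It parses a constructed .env modelled on the snippet above (the key values are placeholders, not the real tokens), flags any populated credential-looking value, and cross-checks it against the environment variables the skill metadata declares as user-supplied. The non-FastGPT token prefixes are an assumption for generality; only "fastgpt-" is evidenced on this page.

```python
import re
from dataclasses import dataclass

# Constructed .env modelled on the finding above; the key values are
# placeholders, not the real tokens from the package.
SAMPLE_ENV = """\
FASTGPT_API_URL=http://agent.ccorp.cn:16800/api/v1/chat/completions
FASTGPT_TIMEOUT=30
AGENT_A_KEY=fastgpt-EXAMPLEAAAAAAAAAAAAAAAAAAAAAA
AGENT_B_KEY=fastgpt-EXAMPLEBBBBBBBBBBBBBBBBBBBBBB
# quotes are stripped the way a dotenv loader would
AGENT_C_KEY="fastgpt-EXAMPLECCCCCCCCCCCCCCCCCCCCCC"
"""

# What the skill metadata declares as user-supplied. The audited skill declares
# nothing, which is exactly the gap the finding describes.
DECLARED_ENV_VARS = frozenset()

# Token prefixes worth flagging on sight. "fastgpt-" is the only one evidenced
# on this page; the others are common provider formats, listed as an assumption.
TOKEN_PREFIXES = ("fastgpt-", "sk-", "ghp_", "AKIA")
CREDENTIAL_NAME = re.compile(r"(KEY|TOKEN|SECRET|PASSWORD)$", re.IGNORECASE)


@dataclass(frozen=True)
class BundledSecret:
    var: str
    reason: str


def parse_env(text: str) -> dict:
    """Minimal dotenv parser: KEY=VALUE lines, '#' comments, optional quotes."""
    env = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        name, value = line.split("=", 1)
        env[name.strip()] = value.strip().strip("'\"")
    return env


def looks_like_live_token(name: str, value: str) -> bool:
    """An empty value is the acceptable shape (the user fills it in). A populated
    value with a known provider prefix, or any long value under a credential-like
    variable name, is treated as a bundled secret."""
    if not value:
        return False
    if value.startswith(TOKEN_PREFIXES):
        return True
    return bool(CREDENTIAL_NAME.search(name)) and len(value) >= 16


def audit_env(text: str, declared: frozenset) -> list:
    """Return one BundledSecret per variable that ships with a live-looking value."""
    findings = []
    for name, value in parse_env(text).items():
        if not looks_like_live_token(name, value):
            continue
        if name in declared:
            reason = "declared as user-supplied but shipped with a value; ship it empty"
        else:
            reason = "live-looking credential bundled in the package and not declared in metadata"
        findings.append(BundledSecret(name, reason))
    return findings


if __name__ == "__main__":
    for f in audit_env(SAMPLE_ENV, DECLARED_ENV_VARS):
        print(f"{f.var}: {f.reason}")
```

The acceptable shape for a shipped .env is a declared variable with an empty value: the check stays quiet for that and reports either an undeclared populated credential (this skill's case) or a declared one that was nevertheless shipped filled in.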
Your phone number and query history are transmitted to a third-party service, over plain HTTP as configured, without clear privacy controls.
The code sends the user's phone number, session ID, and product question to an external provider API; the .env config points that API URL to an HTTP endpoint, so the data boundary and transport security are material concerns.
return self.call(question, variables={"phone": phone, "session_id": session_id}, chat_id=f"{session_id}-agent-c") ... requests.post(self.api_url, headers=self.headers, json=payload, timeout=self.timeout)
Use HTTPS, disclose the provider and exact data sent, avoid sending phone numbers unless necessary, and obtain explicit user consent before registration or lookup.
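The hardened counterpart of the call quoted above, as an added example that is neither the skill's code nor a FastGPT reference implementation: the endpoint must be HTTPS (plain HTTP is tolerated only to a loopback host, and only when explicitly allowed), the credential is read from the user's own environment variable rather than a bundled key, and the phone number is attached to the request only when the caller records consent. The environment variable name FASTGPT_API_KEY and the payload field names are assumptions; the page only shows that `variables` and a chat id are sent.

```python
import os
from urllib.parse import urlparse


class UnsafeEndpoint(ValueError):
    """Raised when the configured API URL would carry user data in plaintext."""


def endpoint_allowed(api_url: str, allow_loopback_http: bool = False) -> bool:
    """HTTPS is always acceptable. Plain HTTP is only acceptable to a loopback
    host, and only when the caller opts in (for a local development server)."""
    parts = urlparse(api_url)
    if parts.scheme == "https":
        return True
    if parts.scheme == "http" and allow_loopback_http:
        return parts.hostname in ("127.0.0.1", "::1", "localhost")
    return False


def load_user_credential(env=None, var: str = "FASTGPT_API_KEY") -> str:
    """Read the key the user supplied. A missing key is an error, never a
    reason to fall back to something shipped inside the package."""
    env = os.environ if env is None else env
    key = env.get(var, "").strip()
    if not key:
        raise RuntimeError(f"{var} is not set; this skill needs a credential you own "
                           "(and the skill metadata should declare it)")
    return key


def build_request(api_url, api_key, question, session_id, phone=None, phone_consent=False):
    """Return (url, headers, payload) for requests.post(url, headers=headers, json=payload).
    The phone number is included only if the user consented to sharing it."""
    if not endpoint_allowed(api_url):
        raise UnsafeEndpoint(f"refusing to send user data to a non-HTTPS endpoint: {api_url}")
    variables = {"session_id": session_id}
    if phone is not None:
        if not phone_consent:
            raise PermissionError("phone number not attached: the user has not consented to sharing it")
        variables["phone"] = phone
    headers = {"Authorization": f"Bearer {api_key}", "Content-Type": "application/json"}
    # Field names below are an assumption about the provider's schema, not taken from the page.
    payload = {
        "chatId": f"{session_id}-agent-c",
        "variables": variables,
        "messages": [{"role": "user", "content": question}],
    }
    return api_url, headers, payload


if __name__ == "__main__":
    url, headers, payload = build_request(
        "https://agent.example.invalid/api/v1/chat/completions",  # placeholder HTTPS endpoint
        load_user_credential({"FASTGPT_API_KEY": "fastgpt-EXAMPLE"}),
        "Which HS code covers stainless steel cutlery?", "sess-1")
    print(url, payload["variables"])
```

Refusing to build the request is deliberate: a client that silently downgrades to the configured http:// URL, or silently drops the phone number, leaves the user unaware of what was or was not sent.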
Your phone number and earlier product question may remain on disk after the conversation and could be reused or exposed locally.
The skill persistently stores phone numbers and pending user questions in a local users.db database, but the artifacts do not describe retention limits, deletion controls, or isolation between sessions beyond session_id.
CREATE TABLE IF NOT EXISTS users (... session_id TEXT, phone TEXT NOT NULL DEFAULT '', pending_question TEXT, created_at ..., updated_at ...)
Add clear retention/deletion behavior, minimize stored fields, and tell users where the database is stored and how to remove their data.
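What the missing retention and deletion controls look like in practice, as an added example (not the skill's code): the same columns as the users table quoted above, with an age-based purge, a per-session delete, and the pending question cleared as soon as it has been answered. The timestamps, session ids and questions in demo() are constructed; the database is in-memory so the example runs offline.

```python
import sqlite3
from datetime import datetime, timedelta, timezone

# Same columns as the table quoted in the finding; session_id made the primary key.
SCHEMA = """
CREATE TABLE IF NOT EXISTS users (
    session_id TEXT PRIMARY KEY,
    phone TEXT NOT NULL DEFAULT '',
    pending_question TEXT,
    created_at TEXT NOT NULL,
    updated_at TEXT NOT NULL
);
"""


def _ts(dt: datetime) -> str:
    # Fixed-width UTC timestamps so the string comparison in purge_stale orders correctly.
    return dt.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")


def open_db(path: str = ":memory:") -> sqlite3.Connection:
    conn = sqlite3.connect(path)
    conn.executescript(SCHEMA)
    return conn


def upsert_session(conn, session_id, phone, question, now):
    conn.execute(
        "INSERT INTO users (session_id, phone, pending_question, created_at, updated_at) "
        "VALUES (?, ?, ?, ?, ?) "
        "ON CONFLICT(session_id) DO UPDATE SET phone = excluded.phone, "
        "pending_question = excluded.pending_question, updated_at = excluded.updated_at",
        (session_id, phone, question, _ts(now), _ts(now)),
    )
    conn.commit()


def clear_pending_question(conn, session_id, now):
    """Drop the question once it has been answered; nothing needs it on disk afterwards."""
    conn.execute("UPDATE users SET pending_question = NULL, updated_at = ? WHERE session_id = ?",
                 (_ts(now), session_id))
    conn.commit()


def delete_session(conn, session_id) -> int:
    """User-requested deletion; returns the number of rows removed."""
    cur = conn.execute("DELETE FROM users WHERE session_id = ?", (session_id,))
    conn.commit()
    return cur.rowcount


def purge_stale(conn, now, max_age: timedelta) -> int:
    """Retention limit: remove every row not touched within max_age."""
    cur = conn.execute("DELETE FROM users WHERE updated_at < ?", (_ts(now - max_age),))
    conn.commit()
    return cur.rowcount


def count_rows(conn) -> int:
    return conn.execute("SELECT COUNT(*) FROM users").fetchone()[0]


def demo():
    """Constructed scenario: an old session and a fresh one, then a purge and a deletion."""
    conn = open_db()
    t0 = datetime(2026, 5, 1, tzinfo=timezone.utc)
    upsert_session(conn, "sess-old", "+8613800000000", "HS code for bamboo chopsticks?", t0)
    upsert_session(conn, "sess-new", "+8613800000001", "HS code for a ceramic mug?", t0 + timedelta(days=29))
    clear_pending_question(conn, "sess-new", t0 + timedelta(days=29, hours=1))
    now = t0 + timedelta(days=30)
    purged = purge_stale(conn, now, timedelta(days=7))  # removes sess-old only
    remaining = count_rows(conn)
    question = conn.execute("SELECT pending_question FROM users WHERE session_id = ?",
                            ("sess-new",)).fetchone()[0]
    deleted = delete_session(conn, "sess-new")
    return purged, remaining, question, deleted, count_rows(conn)


if __name__ == "__main__":
    print(demo())
```

Run purge_stale at startup or on a timer with a documented max_age, and expose delete_session to the user; the database path should be stated in SKILL.md so the user can also remove the file outright.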
The skill may fail, or the agent may execute code that was not included in this review if a matching local path exists.
The required runtime script path is not present in the supplied file manifest, which instead includes skill.py. This makes the real execution target ambiguous and could cause the agent to run an unreviewed local file if one exists.
Always execute the local script in skills/goodsclassify-a/scripts/run_goodsclassify.py ... python skills/goodsclassify-a/scripts/run_goodsclassify.py --message "<user's original message>"
Update SKILL.md to call the included reviewed entry point, or include the referenced script in the package and ensure the manifest and metadata match.
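A manifest cross-check for this class of finding, as an added example (not ClawScan's own check): it extracts the .py paths that SKILL.md tells the agent to run, compares them with the package file list, and reports both the referenced script that is not shipped and the shipped script that nothing references. SKILL_MD reproduces the instruction quoted above; MANIFEST and the skill root path are constructed to match the shape the finding describes.

```python
import re

# Constructed inputs: the instruction quoted in the finding, and a file list of the
# shape the finding describes (skill.py present, the scripts/ path absent).
SKILL_MD = """\
Always execute the local script in skills/goodsclassify-a/scripts/run_goodsclassify.py
python skills/goodsclassify-a/scripts/run_goodsclassify.py --message "<user's original message>"
"""
MANIFEST = ["SKILL.md", ".env", "skill.py"]
SKILL_ROOT = "skills/goodsclassify-a"  # assumption: where the agent unpacks this skill

# A path token ending in .py, not glued to other path characters on either side.
SCRIPT_REF = re.compile(r"(?<![\w./-])((?:[\w.-]+/)*[\w.-]+\.py)(?![\w.-])")


def referenced_scripts(skill_md: str) -> list:
    """Every .py path the instructions mention, deduplicated and sorted."""
    return sorted(set(SCRIPT_REF.findall(skill_md)))


def _relative_to_root(path: str, root: str) -> str:
    # Instructions may address the script from the workspace or from the skill directory.
    return path[len(root) + 1:] if path.startswith(root + "/") else path


def missing_entry_points(skill_md, manifest, root=SKILL_ROOT) -> list:
    """Referenced scripts that the package does not actually contain."""
    present = set(manifest)
    return [p for p in referenced_scripts(skill_md)
            if p not in present and _relative_to_root(p, root) not in present]


def unreferenced_executables(skill_md, manifest, root=SKILL_ROOT) -> list:
    """Shipped .py files that the instructions never point the agent at."""
    refs = {_relative_to_root(p, root) for p in referenced_scripts(skill_md)}
    return sorted(m for m in manifest if m.endswith(".py") and m not in refs)


def install_verdict(skill_md, manifest, root=SKILL_ROOT) -> str:
    """'block': the agent would run whatever file happens to sit at the referenced path,
    reviewed or not. 'review': the package ships code the instructions never call.
    'ok': instructions and manifest agree."""
    if missing_entry_points(skill_md, manifest, root):
        return "block"
    if unreferenced_executables(skill_md, manifest, root):
        return "review"
    return "ok"


if __name__ == "__main__":
    print("missing:", missing_entry_points(SKILL_MD, MANIFEST))
    print("unreferenced:", unreferenced_executables(SKILL_MD, MANIFEST))
    print("verdict:", install_verdict(SKILL_MD, MANIFEST))
```

Either fix the finding asks for clears the check: pointing SKILL.md at the shipped skill.py removes both the missing reference and the unreferenced file, and adding scripts/run_goodsclassify.py to the package removes the missing reference while still flagging skill.py for review.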
