Alibaba Dashscope Local

Security checks across malware telemetry and agentic risk

Overview

This skill mostly does what it says, but it handles paid-service credentials and local agent configuration while showing provenance and credential-storage concerns that users should review before installing.

Review the publisher/package identity before installing because the bundled metadata does not match the registry context. Use environment-variable storage instead of inline config storage, keep the OpenClaw config and backups private, and rotate the DashScope key if it may have been exposed. Treat Pay-As-You-Go model calls as billable even though the generated config lists zero costs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill omits a clear up-front warning that it may create or overwrite persistent local config files and may store API keys, including inline secret storage. Users may unknowingly persist credentials in plaintext or alter shared agent configuration, which creates credential exposure and durable system-state changes beyond the current session.

Missing User Warnings

Medium
Confidence: 95%
Finding
The document explicitly presents storing the Bailian API key directly in `openclaw.json`, which encourages plaintext credential storage in a file that may be backed up, copied, committed to source control, or left with overly broad filesystem permissions. Although it labels this approach as 'Not Recommended', it still provides a concrete example without sufficient safeguards, making accidental secret exposure more likely during setup and troubleshooting.

Missing User Warnings

Medium
Confidence: 93%
Finding
The script allows storing the API key directly inside the JSON configuration file on disk via the inline mode. If that file is readable by other local users, checked into source control, included in backups, or exposed by another process, the credential can be stolen and used to access the Alibaba Cloud model account.

VirusTotal

65/65 vendors flagged this skill as clean.
