pushplus
Advisory
Audited by VirusTotal on Mar 24, 2026.
Overview
Type: OpenClaw Skill
Name: pushplus-notification
Version: 1.0.1
The pushplus-notification skill is a legitimate tool for sending notifications via the PushPlus HTTP API. The instructions in SKILL.md include proactive security measures, such as explicitly directing the AI agent to only extract the PUSHPLUS_TOKEN from .env files while ignoring other secrets, requiring user confirmation before execution, and masking tokens in logs. No malicious execution patterns or unauthorized data exfiltration behaviors were identified.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If approved, the agent can send the requested notification through PushPlus using a shell command.
The skill instructs the agent to use Shell/curl to make outbound PushPlus API calls. This is expected for a curl-based notification skill and is paired with explicit confirmation requirements.
“Use the Shell tool to execute the curl command” / “https://www.pushplus.plus/send”
Before confirming, review the message title, content, channel, and recipient options; do not let the agent send messages automatically.
The token lets the agent send notifications through the user's PushPlus account.
The skill needs a PushPlus token and may obtain it from the user, environment, or a scoped .env lookup. This is expected for the service and the artifact explicitly limits what should be read.
“The user needs to provide `PUSHPLUS_TOKEN` … ways to obtain the token … the environment variable `PUSHPLUS_TOKEN` … **extract only** `PUSHPLUS_TOKEN` from the `.env` file in the project root directory”
Provide only the PushPlus token, keep it out of chat when possible, and make sure the agent masks the token and does not read unrelated .env secrets.
Anything included in the notification may leave the local environment and be processed by PushPlus and the selected channel.
Notification content is sent to PushPlus and possibly onward to external channels such as email, SMS, or webhooks. The artifact discloses this and tells the agent to warn users before sending sensitive data.
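“Push messages directly to channels such as WeChat, email, webhook, and SMS via the pushplus HTTP API” and “Messages will be transmitted through a third-party service (pushplus.plus)”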
Avoid sending passwords, keys, personal data, or confidential logs unless you intentionally accept the third-party transmission.
