Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Audience Universe (人群宇宙) Campaign Tracking Weekly Report
v1.1.0. An automatic generator for the Audience Universe campaign tracking weekly report. It supports any industry (household cleaning, beauty, maternal and infant, food, etc.): given only a RedBI dashboard URL and the industry audience-package name, it pulls the data automatically, compares Audience Universe vs. overall seeding performance, tiers customer priority by three rules (not yet running campaigns / good results with low spend / results below the overall figures), and generates a visual HTML weekly report and Redoc online documentation. Trigger words: 人群宇宙周报 (Audience Universe weekly report), 人群...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw · Verdict: Suspicious · medium confidence
Purpose & Capability
The skill claims to pull RedBI data and produce HTML + Redoc reports; the provided scripts and SKILL.md show exactly that (downloading CSVs, classifying clients, generating HTML, publishing via hi-workspace-cli). Access to RedBI and note images via SSO is coherent with the stated purpose. However, the skill metadata declares no required credentials or config paths while the instructions and scripts clearly read an SSO cookie file and call another skill's run-sso.sh helper — this mismatch should have been declared.
Instruction Scope
Runtime instructions and scripts read /home/node/.token/sso_token.json to obtain an SSO cookie, call internal endpoints (redbi.devops.xiaohongshu.com and xiaohongshu.com) and download CSVs/images, start a local HTTP preview, and call bunx/@xhs/hi-workspace-cli to publish Redoc. These actions are within the feature scope, but they access sensitive local credential files and another skill's script path (/app/skills/data-fe-common-sso/script/run-sso.sh) that are not listed in the skill metadata — an important scope/visibility gap.
Install Mechanism
No install spec (instruction-only plus included scripts). That lowers install risk — nothing is downloaded/installed by the registry metadata. Note: SKILL.md expects tools (bunx, bunx package @xhs/hi-workspace-cli) and Python packages (pandas, openpyxl) to exist at runtime but doesn't declare them.
Credentials
The metadata lists no required environment variables or config paths, yet the code reads a local SSO token file (/home/node/.token/sso_token.json) and relies on another skill's run-sso.sh helper at /app/skills/data-fe-common-sso/script/run-sso.sh. The SSO cookie is effectively a credential used to access internal data; not declaring it (or the dependency on the other skill) is a proportionality/visibility problem.
Persistence & Privilege
always is false and the skill does not request persistent/enforced inclusion. The skill reads local files and writes temporary CSVs and cached base64 images to /tmp paths; it does not modify other skills' configuration. Starting a local HTTP server to serve a preview is normal for this use-case but means the agent will expose a pod IP/port — users should consider network exposure policies.
What to consider before installing
This appears to be an internal reporting tool that legitimately needs access to your company's RedBI data, so its behavior (reading an SSO cookie, calling internal APIs, downloading CSVs and images, generating HTML and publishing Redoc) makes sense — but there are important transparency gaps: the skill metadata does not declare the SSO credential or the dependency on another skill's run-sso.sh helper, nor does it list required runtime tools (bunx, @xhs/hi-workspace-cli, Python libs). Before installing or enabling:
1) Confirm you trust the skill author and that this will run only in a controlled internal environment.
2) Verify the presence and safety of /home/node/.token/sso_token.json and /app/skills/data-fe-common-sso/script/run-sso.sh (audit those files).
3) Ensure required runtimes (bunx, Python packages) are available and that publishing to Redoc uses internal endpoints only.
4) Be aware the skill will start a local HTTP preview (pod_ip:18765) — confirm that serving this port is allowed and not exposed to the public network.
If you need higher assurance, ask the maintainer to update the metadata to declare required config paths/credentials and dependency tools, or to provide a reviewed install manifest.
Version: latest · vk9767e13276v694b4cz40cemw984v2vv
