appstore-skill
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill appears to manage a 1Panel app store, including installing and uninstalling apps with an API key, but its metadata and provided files under-describe and incompletely support that high-impact access.
Review this carefully before installing. Only use it if you trust the publisher, can verify the missing runtime files and entry point, and are comfortable giving it a 1Panel API key that can install or uninstall server apps. Prefer a limited, revocable key and require explicit confirmation before any install or uninstall action.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal engine telemetry is currently stale for this artifact.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill could change the server’s installed applications, potentially affecting availability or data if invoked incorrectly.
The skill exposes tools that install and uninstall applications on a 1Panel server. These are purpose-aligned, but they are high-impact mutations and the artifacts do not show an explicit confirmation, dry-run, rollback, or bounded safety workflow.
name: 'install_app' ... description: '从应用商店安装应用...会自动选择最新版本。' ... const result = await installApp(client, { appDetailId, name }); ... name: 'uninstall_app' ... const result = await uninstallApp(client, ...)
Use only with explicit user confirmation for install/uninstall actions, preferably in a non-production environment first, and add confirmation or dry-run controls.
Providing this key gives the skill authority over a 1Panel app-store management API; if the key is broad, mistaken tool use could affect the server.
The code requires a 1Panel API key and also reads API-key environment variables, but the registry metadata declares no primary credential or required environment variables. The same credential is used for app installation and removal.
const baseUrl = String(config?.baseUrl || process.env.ONEPANEL_BASE_URL || process.env.APPSTORE_BASE_URL || ''); const apiKey = String(config?.apiKey || process.env.ONEPANEL_API_KEY || process.env.APPSTORE_API_KEY || ''); ... required: ['baseUrl', 'apiKey']
Use a least-privilege, revocable API key if possible, verify the exact 1Panel permissions granted, and treat the credential requirement as part of the install decision.
The skill may fail to run, or its real network behavior may depend on missing code that was not available for review.
The provided manifest lists only plugin.js, but this file depends on client.js and modules/appstore.js, and the capability signal references ./dist/plugin.js. The actual HTTP client and app-store operation implementations are therefore not reviewable in the supplied artifacts.
import { AppStoreClient } from './client.js';
import { searchApps, listInstalledApps, installApp, uninstallApp, getAppByKey, getAppDetailId } from './modules/appstore.js';
Do not install until the package includes the referenced runtime files or a complete reviewed bundle, and verify the published entry point matches the manifest.
