v1.0.1

Tongyi Xiaomi (通义晓蜜) - Intelligent Outbound Calling

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:32 AM.

Analysis

This skill is purpose-aligned for Alibaba Cloud outbound calling, but it deserves careful review because it can batch-place real phone calls using cloud access keys while credential/capability declarations and recipient-safety safeguards are incomplete.

Guidance: Before installing, confirm you are comfortable giving this skill Alibaba Cloud outbound-call authority. Use a dedicated least-privileged key, review and approve every phone list and call script, include truthful caller/AI disclosure where required, call only contacts you have permission to contact, and start with a small test campaign before any bulk run.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High, Confidence: High, Status: Concern
SKILL.md
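Triggers Alibaba Cloud Xiaomi (晓蜜) outbound-call robot tasks and automatically places phone calls in bulk. Suitable for scenarios such as bulk outbound calling, customer follow-up calls, satisfaction surveys, and résumé screening with interview scheduling.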

This shows the skill can trigger real-world bulk phone calls to third parties. Even though confirmation is requested elsewhere, a wrong list or script could quickly affect many people and create cost, legal, or reputation impact.

User impact: A mistaken or overbroad run could call many customers or candidates with an unwanted or incorrect message.
Recommendation: Require explicit per-campaign approval, verify caller consent and legal compliance, test with a small list first, set rate/volume limits, and provide a clear cancellation/opt-out process.

Human-Agent Trust Exploitation
Severity: Medium, Confidence: High, Status: Concern
SKILL.md
"agentProfile": { "name": "李敏", "gender": "女", "age": 28, "role": "招聘专员" ... "openingPrompt": "您好,我是XX公司的招聘专员李敏" }

The instructions encourage generating a human-like persona for calls. The artifacts do not show a requirement to disclose that the call is automated or AI-driven, which can mislead recipients and create trust/compliance risk.

User impact: Recipients may believe they are speaking with a specific human employee rather than an automated calling bot, which can create reputational or regulatory issues.
Recommendation: Require scripts to identify the caller accurately, disclose automation/AI where appropriate, avoid fabricated personal details, and have users approve the exact opening prompt before calling.

Agentic Supply Chain Vulnerabilities
Severity: Low, Confidence: Medium, Status: Note
metadata
Source: unknown; Homepage: none; Code file presence: scripts/bundle.js (3210566 bytes)

The skill includes a large runnable JavaScript bundle, but the supplied metadata does not identify a source repository or homepage. No static findings were reported, so this is a provenance note rather than evidence of malicious code.

User impact: Users have less provenance context for code that will run with their local environment and cloud credentials.
Recommendation: Install only if you trust the publisher, keep a copy/hash of the reviewed bundle, and prefer a version with public source or reproducible build information.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium, Confidence: High, Status: Concern
references/config.md
`ALIYUN_OUTBOUND_BOT_ACCESS_KEY_ID` | Alibaba Cloud AccessKey ID ... `ALIYUN_OUTBOUND_BOT_ACCESS_KEY_SECRET` | Alibaba Cloud AccessKey Secret ... Add the export commands above to your `~/.bashrc` or `~/.zshrc` file.

The skill requires Alibaba Cloud credentials and recommends persistent shell-profile storage, while the supplied registry metadata declares no required env vars or primary credential. The artifacts also do not show least-privilege scope guidance.

User impact: An overly broad or long-lived Alibaba Cloud key could expose more account authority than is needed for outbound calls.
Recommendation: Use a dedicated least-privileged RAM user/key only for the required Xiaomi (晓蜜) outbound-call APIs, avoid broad existing account keys, rotate keys regularly, and do not store secrets permanently unless necessary.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Medium, Confidence: High, Status: Note
SKILL.md
"candidates": [{ "name": "张三", "phone": "13800138000", "score": 85 }], ... "scenarioDescription": "面试邀约 - 蓝领岗位简历筛查通过"

The skill is designed to pass phone numbers, names, scores, and scenario details into an Alibaba Cloud outbound-calling workflow. This is purpose-aligned, but it is sensitive personal/contact data flowing to an external provider.

User impact: Customer or candidate contact details and call context may be sent to Alibaba Cloud and used in outbound calls.
Recommendation: Minimize the data included, confirm that contacts may be processed by the provider, follow privacy/consent requirements, and avoid sending unnecessary candidate or customer details.