Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

技能检索 (Skill Search)

v1.0.0

Multi-platform skill ranking and discovery system with 25,000+ skills. Supports Tencent SkillHub, Xfyun SkillHub, and local skills. Use when the user asks ab...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)

Purpose & Capability (flagged)
Name/description match the code: the scripts implement multi-source ranking (Tencent, Xfyun, local). However the default Tencent API URL in the code/config is set to https://lightmake.site/api/skills (a third-party domain) instead of an official Tencent endpoint; that mismatch is unexplained and disproportionate to the stated purpose.
Instruction Scope (flagged)
Runtime instructions and scripts read and write data under ~/.openclaw/skill-rank (DB, cache, config) and perform network fetches from configured endpoints. The code also references an environment variable GITHUB_TOKEN for authenticated GitHub API use, but the skill metadata declared no required env vars — SKILL.md mentions a token recommendation but the runtime reads the env var directly. These actions (local file I/O plus network calls to external endpoints) are within the broad scope but include undeclared sensitive inputs and an unexplained external API host.
Install Mechanism
No install spec; the bundle is instruction/code-only and uses only Python standard library modules. There are no downloads, archive extraction, or external installers in the provided files.
Credentials (flagged)
The code accesses GITHUB_TOKEN from the environment and stores configuration (which may include tokens) under ~/.openclaw/skill-rank/config.json. The skill did not declare required env vars in the manifest. Additionally, the default Tencent API endpoint points at a third-party domain (lightmake.site) which could be used to collect query patterns or metadata; accepting that endpoint by default increases exposure of queries/skill names.
Persistence & Privilege
The skill persists a local SQLite DB and config under ~/.openclaw/skill-rank and suggests cron integration for periodic updates. It does not request always:true or modify other skills' configs, but it will store data (including any tokens you add) on disk — normal for this class of tool but something to be aware of.
What to consider before installing
This skill mostly implements a legitimate ranking/discovery tool, but there are red flags you should address before trusting it:
- Investigate the Tencent API URL (https://lightmake.site/api/skills). Confirm the maintainer and prefer an official endpoint (skillhub.tencent.com or your own trusted registry). Do not rely on an unfamiliar third-party host unless you trust it.
- The tool will read GITHUB_TOKEN from your environment and can write that token into ~/.openclaw/skill-rank/config.json. Only provide a GitHub token with the minimal scopes needed, or run without a token; consider running the first update in an isolated environment (container/VM) to observe behavior.
- Review the code (scripts/*.py) yourself or run it in a sandbox to see which endpoints it contacts during --update. Look for unexpected outbound hosts beyond the declared sources (xfyun, Tencent, GitHub, raw.githubusercontent).
- If you plan to install/run this skill for real users, replace the default tencent_api_url with an authoritative source and remove or explicitly document any third-party proxies.
- If you need higher assurance, ask the publisher for a homepage, maintainership information, and an explanation for the lightmake.site endpoint; absence of provenance lowers trust.
If you want, I can point to the exact lines that set the suspicious endpoint and where the GITHUB_TOKEN is read, or produce a diff that hardcodes trusted endpoints before you run it.


latest: vk9711b98dhbnjd5v38hz611fch83ja4z
