Docker Xunler Downloader
Review
Audited by ClawScan on May 10, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (base64-block); human review is required before treating this skill as clean.
Before installing, inspect the Node package files, install dependencies only in the skill directory, replace the bundled 192.168.1.40 configuration with your own Xunlei Docker host, and use submit commands only for links you really want downloaded. ClawScan detected prompt-injection indicators (base64-block), so this skill requires review even though the model response was benign.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the submit command can start downloads and consume storage or bandwidth.
The skill can create download tasks and choose selected files in the configured Xunlei service. This is central to the stated purpose, but it changes the user's download environment.
const result = await this.client.submitTask(magnetLink, taskName, selectedFileIndices);
Submit only links you intend to download, and ask the agent to show selected files first if you want per-file control.
A status or submit command could be sent to the wrong local-network service if this address exists in the user's environment.
The skill ships with a concrete default target. If the user does not change it, commands may contact that LAN host instead of the user's intended Xunlei service.
"host": "192.168.1.40", "port": 2345, "ssl": false
Run `xunlei config show` and `xunlei config set <host> <port>` before use, or delete/replace the bundled config.json.
Anyone who can invoke the skill may be able to view and create tasks on the configured Xunlei service.
The client generates and sends Xunlei API authentication headers to the configured service. This is expected for controlling Xunlei, but it means the skill acts with that service's authority.
headers['pan-auth'] = panAuth;
Configure it only for your own Xunlei instance and restrict OpenClaw/skill access to trusted users.
Installing dependencies runs npm package resolution for this skill's local environment.
The skill relies on an npm dependency, while installation is described manually rather than through a registry install spec. This is common for Node integrations but still introduces normal package supply-chain considerations.
"dependencies": {
  "axios": "^1.13.4"
}
Review package.json/package-lock.json and install dependencies only from a trusted, isolated skill directory.
