ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

cloud-upload-backup

v1.0.0

Cloud file storage, upload, backup, and file management tool for Tencent Agent Storage (专属云盘). Manages the user's personal cloud drive: upload files, list fi...

0· 9·0 current·0 all-time
byShawnmZhang@shawnminh·duplicate of @shawnminh/tencentcloud-smh-skill
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description, required binaries (node/npm), declared npm package (smh-node-sdk), and the smh_ environment variables all align with a Tencent Agent Storage upload/backup tool. Nothing requested is unrelated to the stated purpose.
Instruction Scope
SKILL.md instructs the agent to write an inline Node script to /tmp/smh-upload.js and run it to perform uploads and generate signed download links, and to read smh_* credential values from agent config or .env. This stays within the upload/backup scope, but it does require the agent to read local file paths (user-supplied localPath) and the user's agent config (~/.openclaw/openclaw.json) or .env if configured — you should review the included script before allowing it to run. The skill's aggressive trigger list (many synonyms) may cause it to activate more often than expected.
Install Mechanism
No remote install or archive downloads; the SKILL.md asks the user to install smh-node-sdk via npm (global or local). This is a standard, traceable package installation step (moderate risk as with any npm package) and not an untrusted network download by the skill itself.
Credentials
The skill requests only smh_libraryId, smh_spaceId, smh_basePath, and smh_accessToken which are directly relevant. However the SKILL.md states a space_admin-level accessToken is required for uploads — this is high privilege. Storing such tokens in agent config (~/.openclaw/openclaw.json) grants persistent capability; consider using short-lived or least-privilege credentials and review token scope before granting.
Persistence & Privilege
always:false and no system-wide modifications are requested. The skill asks the agent to write an ephemeral script to /tmp and suggests storing credentials in the agent config if desired; writing a temp script is expected, but persisting a high-privilege token in the agent config is a user decision and increases long-term access.
Assessment
This skill appears to do what it claims (upload files to Tencent Agent Storage). Before installing or invoking it: 1) Review the full inline Node script in SKILL.md before allowing the agent to write/run it. 2) Prefer temporary/least-privilege access tokens rather than a permanent space_admin accessToken; avoid storing high-privilege tokens in ~/.openclaw/openclaw.json unless you accept persistent access. 3) Install smh-node-sdk only from the official source and prefer local (project) install over global if possible. 4) Be aware upload links include tokens in the URL (they say links expire in 2 hours) — treat generated links as sensitive and avoid posting them in untrusted channels. 5) If you need stricter isolation, run uploads outside the agent (manual CLI) or create a token with strictly limited scope.

Like a lobster shell, security has layers — review code before you run it.

latestvk973yb5snrxmhrdby8tmjtxmad84ggx4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

☁️ Clawdis
Binsnode, npm
Envsmh_libraryId, smh_accessToken, smh_spaceId, smh_basePath

Comments