Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
aaPanel / BT-Panel (5H3LL)
v0.2.0
aaPanel/BT-Panel server monitoring and file management skill — system resources, site status, service status, SSH logs, cron jobs, log reading, and remote fi...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the implementation: the repository contains a BtClient, FilesClient and many CLI scripts to monitor services, manage sites, SSL, databases, firewall, FTP and files on aaPanel instances. The capabilities requested (read/write files, manage services, create DB users, firewall changes, download/unzip on the server) are powerful but coherent with a panel management skill.
Instruction Scope
SKILL.md and the scripts instruct the agent / user to add servers with API tokens and then run commands that read and modify arbitrary files on remote servers (GetFileBody, SaveFileBody, Create/Delete files/dirs, download/unzip). The skill also reads/writes a local config (~/.openclaw/bt-skills.yaml) and respects an optional BT_CONFIG_PATH env var. This is within the declared scope but worth noting because it enables reading sensitive server files and making destructive changes.
Install Mechanism
There is no install spec in registry metadata (instruction-only), but the code comments and README list Python packages (requests, pyyaml, rich). The skill requires python3 to run; missing explicit dependency declarations in the registry means dependencies must be installed separately by the user.
Credentials
Registry declares no required env vars, which is consistent with using a YAML config file for API tokens. However the code checks BT_CONFIG_PATH if set and will create/use ~/.openclaw/bt-skills.yaml to store server tokens and settings. API tokens are stored on disk (YAML) rather than as required environment variables — this is expected but increases the importance of protecting that file.
Persistence & Privilege
always:false and user-invocable:true. The skill will create and manage a per-user config file in ~/.openclaw and does not request global system privileges or attempt to change other skills' configs. Note: disable-model-invocation is false (autonomous invocation allowed) — combined with the skill's wide capabilities this increases blast radius if it were misused, but autonomous invocation alone is the platform default.
Assessment
This package appears to be a legitimate aaPanel/BT-Panel management skill, but it can read and modify arbitrary files and perform destructive actions on configured servers. Before installing:
1) Only add trusted aaPanel instances and treat the API token like a credential; know that tokens are stored in ~/.openclaw/bt-skills.yaml (protect that file).
2) Install required Python dependencies (requests, pyyaml, rich) in a controlled environment.
3) Understand that commands such as file edits, deletes, download/unzip, firewall and DB operations can alter or expose sensitive data — limit server privileges and review the code if you will run it in automated/autonomous mode.
4) If you need higher assurance, inspect the full source (scripts) and confirm there are no hidden remote exfil endpoints or unexpected network calls beyond aaPanel API requests.
Like a lobster shell, security has layers — review code before you run it.
latest: vk9732v91wwerf6az70g2cr33h584k3fc
Runtime requirements
Bins: python3
