ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

AIsa Provider

v1.0.0

Use AIsa for model routing, provider setup, and Chinese LLM access. Use when: the user needs model configuration, provider guidance, or routing workflows. Su...

0· 76·0 current·0 all-time
by@baofeng-tech

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for baofeng-tech/aisa-provider.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "AIsa Provider" (baofeng-tech/aisa-provider) from ClawHub.
Skill page: https://clawhub.ai/baofeng-tech/aisa-provider
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: AISA_API_KEY
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install aisa-provider

ClawHub CLI

Package manager switcher

npx clawhub@latest install aisa-provider
Security Scan
Capability signals
Requires OAuth tokenRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (AIsa provider, model routing, Chinese LLM access) aligns with the single required environment variable AISA_API_KEY and the provided examples that call AIsa endpoints (https://api.aisa.one). The declared primary credential is proportional to the stated function.
!
Instruction Scope
SKILL.md instructs the agent and user to use repo-relative scripts/ paths and to prefer explicit CLI auth flags when a script exposes them, but the package manifest contains no scripts/ directory or executable files. This mismatch could lead the agent to provide or instruct about commands that don't exist. Otherwise, instructions stay within provider setup/model-routing scope and only reference AISA_API_KEY and the aisa API.
Install Mechanism
No install spec or code files—this is instruction-only, so nothing is written to disk by an installer. Lowest install risk.
Credentials
Only AISA_API_KEY is required and used in examples. No unrelated secrets or config paths are requested. The amount of credential access matches the skill's purpose.
Persistence & Privilege
always is false, the skill is user-invocable and can be autonomously invoked (platform default). The package does not request system-wide changes or other skills' config.
Scan Findings in Context
[no_regex_findings] expected: The static regex scanner returned nothing to analyze; this is expected because the skill is instruction-only with no code files. The absence of findings is not proof of safety.
What to consider before installing
This skill is generally coherent: it only needs AISA_API_KEY and documents how to configure AIsa models. Before installing, verify two things: (1) the package references repo-relative scripts/ and CLI workflows but the published bundle contains no scripts — confirm whether the provider supplies those scripts elsewhere or if the documentation is stale, because the agent may instruct commands that don't exist; (2) the marketing claims (partnerships, zero-data-retention agreements, pricing discounts) are external assertions — confirm them with the vendor (e.g., check https://marketplace.aisa.one and any contractual documentation) before sending sensitive or high-volume data. As always, only provide AISA_API_KEY to providers you trust, and avoid pasting long secrets into chat transcripts. If you need higher assurance, ask the publisher for a signed package or source repository showing the referenced scripts and implementation.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🤖 Clawdis
EnvAISA_API_KEY
Primary envAISA_API_KEY
latestvk97fctxrqvnyt4nz1fn0mpryw5858seb
76downloads
0stars
1versions
Updated 1w ago
v1.0.0
MIT-0
@baofeng-tech
latest
Download

AIsa Provider

Use AIsa for model routing, provider setup, and Chinese LLM access. Use when: the user needs model configuration, provider guidance, or routing workflows. Supports setup and model operations.

When to use

  • The user needs model routing, provider setup, or Chinese LLM access.
  • The user wants one place for provider configuration or model selection.
  • The user wants setup guidance for AIsa-hosted model workflows.

High-Intent Workflows

  • Configure an AIsa provider path.
  • Inspect supported models or routing options.
  • Prepare a runtime for Chinese-model access.

Setup

  • AISA_API_KEY is required for AIsa-backed API access.
  • Use repo-relative scripts/ paths from the shipped package.
  • Prefer explicit CLI auth flags when a script exposes them.

Example Requests

  • Help me configure AIsa for Qwen
  • List the supported routed models
  • Choose a model for Chinese long-form analysis

Guardrails

  • Do not ask for extra credentials beyond the shipped flow.
  • Do not advertise setup paths that the public bundle does not ship.
  • Keep setup instructions aligned with the actual runtime.

Comments

Loading comments...