Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Check Bookings Phone

v1.0.2

Checks date availability for pre-sale orders in the Ctrip travel app. It connects to an Android device over ADB, drives the Ctrip app automatically, iterates over every order under "Unused pre-sale orders", and queries the booking status for each day in a given date range (available, fully booked, price difference required, etc.). Trigger this skill when the user asks to check Ctrip orders, view available dates for pre-sale orders, or check hotel booking status.

0 · 399 · 0 current · 0 all-time
by Chao Zheng (@zcqqq)

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description, the dependency on @midscene/android, and the script's ADB automation are coherent: this skill legitimately needs an external vision model to analyze screenshots. However, the registry metadata lists no required env vars, while SKILL.md explicitly requires the MIDSCENE_MODEL_* variables, an inconsistency between the declared metadata and the runtime instructions.
! Instruction Scope
The runtime instructions and the script take screenshots of the device UI and send them to the MIDSCENE_MODEL_BASE_URL visual model API for OCR/analysis. SKILL.md does warn that screenshots containing order/hotel details are transmitted, but this behavior is sensitive (it sends potentially personal/financial information off the device) and amounts to data exfiltration to an external service.
Install Mechanism
No arbitrary download-based install is present; dependencies are standard npm packages (listed in package.json / package-lock.json), and installation uses npm install, which is traceable. This is moderate risk but expected for a Node/TS skill.
! Credentials
The script needs MIDSCENE_MODEL_API_KEY, MIDSCENE_MODEL_BASE_URL and MIDSCENE_MODEL_NAME (and optionally MIDSCENE_USE_DOUBAO_VISION); these are justified by the use of a hosted vision model. The concerns are (a) the registry metadata omits these required env vars, and (b) these credentials give an external service access to screenshots of your device, so they are sensitive and should only be supplied for a trusted endpoint.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide configuration. It runs ad hoc when invoked and uses the agent to control an attached Android device; no elevated platform privileges are requested.
What to consider before installing
This skill appears to do what it says (automate Ctrip via ADB and query calendar statuses), but it sends screenshots from your phone to an external visual model endpoint. Before installing:

1) Confirm and trust the MIDSCENE_MODEL_BASE_URL you will use (do not use unknown or third-party endpoints).
2) Be aware that screenshots may include hotel names, prices, dates, and other personal info; avoid running on a device with sensitive apps/accounts logged in.
3) Note that the registry metadata omits the required MIDSCENE_* env vars declared in SKILL.md; verify that the required env vars are documented and stored securely (e.g., not in a world-readable .env).
4) Inspect package-lock.json if you need to audit third-party dependencies.

If you have concerns about sending screenshots externally, consider running the script against an emulator or a local/private model service, or modify the code to perform the analysis locally.


Tags: android, automation, latest, midscene
