Cos_Uploader_Qcloud_lh

v1.0.0

通过微信接收照片，自动上传到腾讯云 COS 低频存储，按年月归档管理

⭐ 0· 90·0 current·0 all-time

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for jingronzhao/cos-uploader-qcloud-lh.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Cos_Uploader_Qcloud_lh" (jingronzhao/cos-uploader-qcloud-lh) from ClawHub.
Skill page: https://clawhub.ai/jingronzhao/cos-uploader-qcloud-lh
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install cos-uploader-qcloud-lh

ClawHub CLI

Package manager switcher

npx clawhub@latest install cos-uploader-qcloud-lh

Security Scan

VirusTotal

Suspicious

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

Name/description, code files, and required runtime (Python + COS SDK) all match the claimed purpose (receiving images and uploading to Tencent COS). Minor metadata mismatch: the registry record said "instruction-only" / no install spec, but the package actually includes install.sh, run.sh and Python modules (i.e., it's a code bundle that installs a virtualenv and pip packages).

Instruction Scope

The runtime instructions and implementation parse a file path out of the OpenClaw message and then open and upload that file. There is no path whitelisting or additional validation: both the --file debug mode and the automatic flow will upload any local file path that the message contains. If an attacker or misconfigured OpenClaw can supply a message containing an arbitrary filesystem path, this could be used to exfiltrate sensitive files. The skill also logs to a logs/ directory and writes encrypted config + encryption key under scripts/conf/ (see environment_proportionality).

✓

Install Mechanism

There is no remote arbitrary download: install.sh creates a venv and installs well-known PyPI packages listed in scripts/requirements.txt (cos-python-sdk-v5, cryptography). package.sh and install.sh are standard shell scripts. No URL shorteners or external binary fetches were used. The install is local and traceable.

ℹ

Credentials

The only secrets requested are Tencent COS SecretId/SecretKey, which are appropriate for the stated function. The skill encrypts them with Fernet and stores both the encrypted blob (cos_secret.enc) and the Fernet key (.encryption_key) under scripts/conf/ with restrictive file permissions (600). This is expected but worth noting: storing the encryption key on the same host (and in the same skill directory) means filesystem compromise or overly-broad host access still allows decryption. The code also contains a hardcoded OpenClaw media directory (/root/.openclaw/media/inbound) — it's not an external credential but is a hardcoded path assumption that may imply it expects root-style paths.

✓

Persistence & Privilege

The skill does not request always:true and does not modify other skills or system-wide settings. It creates directories and files inside its own skill directory (scripts/conf, scripts/logs) which is normal. The agent can invoke the skill autonomously by default (platform default) — combine with the instruction-scope concern if you allow autonomous invocation.

What to consider before installing

This skill appears to do what it says (upload WeChat-received photos to Tencent COS), but consider the following before installing: - Risk of local-file exfiltration: the skill will upload any file path it is given (via the OpenClaw message or the --file debug flag). Ensure OpenClaw only passes legitimate media cache paths and that untrusted inputs cannot supply arbitrary filesystem paths. - Limit COS credentials: use a scoped subaccount (least privilege) that only has the minimal COS permissions (bucket write) the skill needs; do not use root or high-privilege keys. - Protect the host and skill directory: the encrypted config and the encryption key are stored on the same host under scripts/conf/. If an attacker gains filesystem access they can decrypt secrets. Restrict access (file permissions and OS-level controls) to the skill directory and logs. - Review and test: inspect the scripts locally, run install in a controlled environment, and test uploads with non-sensitive test files first. - Consider invocation policy: if your platform allows it, restrict autonomous invocation of this skill or add additional validation (e.g., only accept files from a verified OpenClaw channel) to reduce the attack surface. If you want, I can point out exact lines to change to add a path whitelist, stricter mime checks, or to avoid storing the Fernet key on disk in the same folder.

Like a lobster shell, security has layers — review code before you run it.

latestvk97aa13n3078y57nhenqxt9xh983ncjg

90downloads

0stars

1versions

Updated 1mo ago

v1.0.0

MIT-0

技能入口

入口脚本: run.sh
脚本语言: Python 3.6+
超时时间: 60 秒

触发条件

当收到包含图片附件的微信消息时自动触发。

匹配模式：[media attached: <路径> (image/*)]

核心功能

自动解析：从 OpenClaw 消息体中提取图片本地缓存路径
内网上传：通过腾讯云内网域名上传到 COS，零流量费用
低频存储：自动设置为 STANDARD_IA 存储类型，降低存储成本
智能归档：按 年/月/月日_随机数.扩展名 格式自动归档
全量加密：桶名、Region、SecretId / SecretKey 等全部使用 Fernet 对称加密存储

配置参数

所有 COS 配置（桶名、Region、存储类型、网络模式、API 密钥）均通过 setup_config.py 交互式配置，加密存储在 scripts/conf/cos_secret.enc 中，源代码中不包含任何敏感信息。

依赖

Python >= 3.6
cos-python-sdk-v5 >= 1.9.30
cryptography >= 41.0.0

文件结构

cos-photo-uploader/
├── SKILL.md              # 技能清单（本文件）
├── README.md             # 详细说明文档
├── run.sh                # 运行入口
├── install.sh            # 安装脚本
├── package.sh            # 打包脚本
├── scripts/              # 技能代码
│   ├── skill_handler.py  # Skill 处理入口
│   ├── cos_uploader.py   # COS 上传核心模块
│   ├── config.py         # 加密配置管理
│   ├── setup_config.py   # 一站式配置工具（桶信息 + 密钥）
│   └── requirements.txt  # Python 依赖
└── screenshots/          # 截图
    └── .gitkeep

Comments

Loading comments...