Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
NowPlaying XHS
v1.1.0当前院线推荐 - 实时检索公映影片 + 多维度评分 + 附近影院排片
⭐ 0· 21·0 current·0 all-time
bySeagle@seeu1688
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidencePurpose & Capability
SKILL.md and CONFIG.md describe heavy reliance on Bocha API, Tavily, and agent-browser for real-time Maoyan/淘票票 data and mention BOCHA_API_KEY and TAVILY_API_KEY; the public registry metadata lists no required env vars. The included Python script (nowplaying.py) only fetches Rotten Tomatoes and Variety and does not implement Bocha/Tavily/猫眼/淘票票 scraping or agent-browser integration. This is a substantive mismatch between claimed capabilities and actual code/declared requirements.
Instruction Scope
The runtime instructions direct the agent to: check for user location (city/coordinates) from system context, run external tools (agent-browser, node tavily-search script), call remote APIs with API keys, spin up a local HTTP server, and take browser-rendered screenshots. Those actions access system context, start local servers, and invoke external tools — yet none of those env vars/binaries are declared in the skill manifest. The SKILL.md also mandates strict output structure and real-time scraping of third‑party Chinese sites (猫眼/淘票票) which can require more privileges or tooling than the provided code uses.
Install Mechanism
There is no install spec in the skill package (instruction-only install). However the docs instruct installing agent-browser globally via npm and using an external node script (tavily-search). Because installation steps are only in prose and not declared in metadata, an agent following SKILL.md could attempt to run npm install -g, which modifies the system environment. That action is not pre-declared and increases operational risk. The included code itself has no package install step and only uses Python stdlib HTTP calls.
Credentials
CONFIG.md and SKILL.md expect BOCHA_API_KEY and TAVILY_API_KEY (and implicitly possible BRAVE_API_KEY / SEARXNG_URL), but the skill's manifest lists no required environment variables or primary credential. The mismatch means a user might need to supply sensitive API keys not signaled by the registry metadata. Additionally SKILL.md tells the agent to probe for user location/context without declaring how that data is accessed or authorized.
Persistence & Privilege
The skill is not marked always:true and does not request system-wide persistence. It does not modify other skills' configs in the provided files. The package will not be force-included in every agent run based on metadata.
What to consider before installing
This package has inconsistent documentation vs code. Before installing or supplying credentials: (1) Ask the author to clarify and update the registry metadata to declare required env vars (BOCHA_API_KEY, TAVILY_API_KEY) and any binaries (agent-browser, node). (2) Confirm whether the skill will actually call Bocha/Tavily/猫眼/淘票票 and whether you must install agent-browser globally (npm install -g) — global npm installs modify your system. (3) If you must provide API keys, only provide scoped keys with minimal permissions and rotate them if you later uninstall. (4) Be aware SKILL.md instructs accessing user location and starting a local HTTP server/screenshot flow; ensure you trust the skill and understand where data (including location) will be sent. (5) If you only want the functionality implemented by the included nowplaying.py (Rotten Tomatoes/Variety scraping), prefer running that script in an isolated environment; if you need the Chinese real-time functionality, request a code update that implements it and explicitly declares required env vars and install steps. If the author cannot reconcile these mismatches, treat the skill as untrusted.Like a lobster shell, security has layers — review code before you run it.
latestvk97azpcd4gevwhzgmzgjch9qzh84zy2a
License
MIT-0
Free to use, modify, and redistribute. No attribution required.