Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Qqbot Installer

v1.0.3

Installer and upgrade assistant for the OpenClaw QQ bot plugin. Activated when the user says things like "install qqbot", "upgrade the qqbot plugin", "update openclaw-qqbot", "how do I install the qqbot plugin", or "help me install/upgrade qqbot". Supports both fresh installs and version upgrades, with file verification, automatic rollback, and gateway restart.


Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for ryanlee-gemini/qqbot-installer.

Install the skill "Qqbot Installer" (ryanlee-gemini/qqbot-installer) from ClawHub.
Skill page: https://clawhub.ai/ryanlee-gemini/qqbot-installer
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI


openclaw skills install qqbot-installer

ClawHub CLI


npx clawhub@latest install qqbot-installer

Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The name/description (OpenClaw QQ plugin installer/upgrader) matches what the included script does: detect an OpenClaw CLI, run plugins update/install, validate files, back up/roll back and restart the gateway. However, the skill metadata declares no required binaries or env vars while the script clearly requires a CLI (openclaw / clawdbot / moltbot) and node to run JSON checks and postinstall JS. This mismatch is an incoherence that should be corrected or explained.
Instruction Scope
SKILL.md instructs the agent to run the provided script and show the output — that is consistent and scoped to installing/upgrading plugins. The script reads OpenClaw configuration and plugin directories (e.g., $HOME/.openclaw/*), moves and deletes plugin directories (mv, rm -rf), and executes any plugin-provided postinstall script (node scripts/postinstall-link-sdk.js). Those filesystem operations and execution of third-party postinstall code are expected for an installer but are high-impact actions that require user awareness and explicit consent.
Install Mechanism
There is no install spec (instruction-only plus an included script). Nothing is downloaded by the skill itself; the actual package download happens via the user/system openclaw CLI (which likely uses npm). No suspicious external download URLs are embedded in the skill.
Credentials
The skill declares no required environment variables or binaries, yet the script depends on: (1) an OpenClaw CLI binary (openclaw / clawdbot / moltbot), and (2) node for JSON parsing and running postinstall scripts. The script also accesses the user's home directory and OpenClaw config paths. The lack of declared runtime requirements is an inconsistency and the script's ability to run arbitrary postinstall JS (from the installed npm package) is a potential avenue to execute untrusted code.
Persistence & Privilege
The skill is not always-enabled and does not request persistent or elevated platform privileges. It does modify user plugin directories and config-contained installs, but only within the scope of installing/upgrading plugins (no evidence it modifies other skills or global agent configuration).
What to consider before installing
This skill appears to do what it says (install/upgrade an OpenClaw plugin) but has three important issues to consider before installing or running it:

1) Missing runtime requirements: the metadata does not declare that the script needs an OpenClaw CLI (openclaw|clawdbot|moltbot) or node.js. Ensure those binaries exist and are the versions you expect before running the script.

2) High-impact filesystem changes: the script will move, remove, and replace plugin directories under your OpenClaw extensions/config paths (defaults to $HOME/.openclaw/extensions). It can rm -rf legacy directories and will delete backups on successful install. Back up your OpenClaw config/plugins beforehand, or run this in a safe test environment.

3) Arbitrary code execution via npm lifecycle scripts: when the CLI installs an npm package it will run package lifecycle scripts. The installer will also explicitly execute a plugin's scripts/postinstall-link-sdk.js with node. That means installing an untrusted plugin version can execute arbitrary JavaScript on your host.

To reduce risk:
- Review the specific npm package source and version before installing (or pin to a vetted version).
- Run the installer manually in a sandbox/container or on a staging instance first.
- Inspect outputs and logs before accepting success; if the script fails, do not assume a safe state — check rollbacks/backups.

If you still want to use this skill, ask the publisher to update the metadata to list the required binaries (node, openclaw/clawdbot/moltbot) and to document the exact permissions and paths the script modifies. If you cannot verify the package or prefer caution, avoid running this automatically and run the script manually after review.


129 downloads · 0 stars · 4 versions · updated 3w ago · License: MIT-0

OpenClaw QQ Bot Plugin Install & Upgrade

Installs or upgrades the plugin directly from inside the agent via scripts/upgrade-plugin.sh, so the user does not have to run anything manually in a terminal.

Core script

scripts/upgrade-plugin.sh — generic plugin install/upgrade script.

Usage: upgrade-plugin.sh <npm-pkg-name> <plugin-id> [options]

Required:
  <npm-pkg-name>           npm package name, e.g. openclaw-qqbot
  <plugin-id>              plugin directory name, e.g. openclaw-qqbot

Options:
  --version <ver>          install a specific version (skips update, does a reinstall)
  --no-restart             do not restart the gateway (hot-update scenario)
  --verify-files <files>   comma-separated relative paths; verify that these files exist
  --legacy-dirs <dirs>     comma-separated legacy directory names to clean up before installing

Execution logic

  1. Strategy: install record present + directory present + no version specified → plugins update (upgrade); otherwise → backup + plugins install --pin (fresh install)
  2. File verification: read the version from package.json and check the key files given by --verify-files
  3. postinstall: if scripts/postinstall-link-sdk.js exists, run it automatically
  4. Restart: run gateway restart so the plugin takes effect (skipped with --no-restart)

QQ bot plugin (openclaw-qqbot)

Install or upgrade to the latest version:

bash <skill_dir>/scripts/upgrade-plugin.sh \
  "openclaw-qqbot" \
  "openclaw-qqbot" \
  --verify-files "dist/index.js,dist/src/gateway.js,dist/src/api.js,dist/src/admin-resolver.js" \
  --legacy-dirs "qqbot,openclaw-qq"

Install or upgrade to a specific version:

bash <skill_dir>/scripts/upgrade-plugin.sh \
  "openclaw-qqbot" \
  "openclaw-qqbot" \
  --version "1.2.3" \
  --verify-files "dist/index.js,dist/src/gateway.js,dist/src/api.js,dist/src/admin-resolver.js" \
  --legacy-dirs "qqbot,openclaw-qq"

<skill_dir> = the directory containing this skill's files, i.e. the dirname of SKILL.md. Run the script with exec and show its output to the user.

Post-execution handling

The script output contains structured lines:

  • PLUGIN_NEW_VERSION=1.2.3 → the new version number
  • PLUGIN_REPORT=✅ ... → result summary (forward it directly to the user)

If the script exits with a non-zero code, tell the user the operation failed, paste the output, and suggest checking the network connection and the npm registry.
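The file-verification and backup steps of the execution logic above, together with the structured PLUGIN_* lines the agent relays, as an added example written here; it is not the skill's own scripts/upgrade-plugin.sh and omits the CLI install call. It assumes the version is read from package.json with sed rather than node, and the plugin trees, versions and file lists it builds are constructed fixtures.

```shell
#!/usr/bin/env bash
# Added example, not the skill's own upgrade-plugin.sh: the verify-then-
# finalize core of a plugin upgrade, with the backup kept until the new tree
# has been checked. Paths, versions and file lists below are constructed.

# Read "version" from package.json with sed (the real script uses node).
read_plugin_version() {
  sed -n 's/^[[:space:]]*"version"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' \
    "$1/package.json" | head -n 1
}

# Check that every comma-separated relative path in $2 exists under $1.
# Prints one MISSING=<path> line per absent file; returns 1 if any is missing.
verify_plugin_files() {
  local dir="$1" list="$2" missing=0 f
  local IFS=','
  for f in $list; do
    [ -f "$dir/$f" ] || { echo "MISSING=$f"; missing=1; }
  done
  return "$missing"
}

# Keep the new tree only if verification passes; otherwise put the backup back.
# Emits the structured PLUGIN_NEW_VERSION / PLUGIN_REPORT lines the agent relays.
finalize_or_rollback() {
  local dir="$1" backup="$2" files="$3" ver
  if verify_plugin_files "$dir" "$files"; then
    ver="$(read_plugin_version "$dir")"
    rm -rf "$backup"                      # backup is dropped only after success
    echo "PLUGIN_NEW_VERSION=$ver"
    echo "PLUGIN_REPORT=✅ $dir verified at $ver, backup removed"
    return 0
  fi
  rm -rf "$dir" && mv "$backup" "$dir"    # restore the previous version
  echo "PLUGIN_REPORT=❌ verification failed, previous version restored"
  return 1
}

# Constructed fixture: a plugin tree at $1 with version $2 and the listed files.
make_plugin_tree() {
  local dir="$1" ver="$2" f
  shift 2
  mkdir -p "$dir"
  printf '{\n  "name": "openclaw-qqbot",\n  "version": "%s"\n}\n' "$ver" > "$dir/package.json"
  for f in "$@"; do
    mkdir -p "$dir/$(dirname "$f")" && : > "$dir/$f"
  done
}
```

Calling finalize_or_rollback on a tree that lacks one of the --verify-files paths restores the backup in place and returns 1, so the caller never has to guess which version is on disk.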

Generic plugin (non-qqbot)

bash <skill_dir>/scripts/upgrade-plugin.sh \
  "my-org/my-openclaw-plugin" \
  "my-plugin-id"
