Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Sfe Dm Data Viewer

v1.0.1

Dedicated SFE data query tool for 德镁, used to query 德镁-customized data such as 百卢妥 daily collection feedback


Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for spzwin/sfe-dm-data-viewer.

Install the skill "Sfe Dm Data Viewer" (spzwin/sfe-dm-data-viewer) from ClawHub.
Skill page: https://clawhub.ai/spzwin/sfe-dm-data-viewer
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install sfe-dm-data-viewer

ClawHub CLI


npx clawhub@latest install sfe-dm-data-viewer

Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)

Purpose & Capability
Name/description, openapi docs, examples, and Python scripts are coherent: the package is focused on querying the erp-web.mediportal.com.cn API for SFE/DM data and returning results encoded with the included TOON encoder.
! Instruction Scope
SKILL.md instructs the agent to automatically install and use cms-auth-skills (via 'npx clawhub@latest install ...' and a GitHub fallback) if it's not present. It also mandates that the agent must run the included Python scripts (not call APIs directly). These are actionable instructions that involve network downloads and code execution beyond merely reading docs.
! Install Mechanism
There is no formal install spec in registry metadata, but SKILL.md tells the agent to run npx clawhub to install cms-auth-skills and provides a GitHub repository fallback. That directs the agent to fetch and install external code at runtime from a third-party repo — higher-risk than an instruction-only skill and not a well-defined package source.
! Credentials
Registry metadata declares no required env vars, yet both scripts expect an app key in XG_BIZ_API_KEY or XG_APP_KEY. The SKILL.md references cms-auth-skills for preparing appKey, but the skill fails to declare the credential requirements up-front. Requiring an appKey is reasonable for the API, but the omission in metadata is an inconsistency.
Persistence & Privilege
always is false and the skill does not request permanent presence. However, SKILL.md explicitly directs the agent to install another skill (cms-auth-skills) if missing, which effectively causes the agent environment to change by adding new skills; this is a privileged action and should be done only with explicit user approval.
What to consider before installing
This skill appears to implement the functionality it claims, but there are several red flags you should consider before installing or running it:

- Secrets / env vars: The included scripts require an app key via XG_BIZ_API_KEY or XG_APP_KEY, but the skill metadata did not declare this. Expect to provide that secret if you run the scripts. Only set such keys if you trust the API and code.
- Automatic install of another skill: SKILL.md tells the agent to run 'npx clawhub@latest install cms-auth-skills --force' (and a GitHub fallback). That will download and install external code at runtime. Review the cms-auth-skills code/repo first and avoid automatic installs from unknown sources.
- Missing runtime assumptions: The instructions assume 'npx'/'clawhub' are available; the skill metadata did not declare required binaries. If the agent attempts to run those commands and they are present, code will be fetched and executed.
- TLS verification disabled: Both API scripts call requests.post(..., verify=False), which disables HTTPS certificate verification — this makes network communication vulnerable to MITM and could leak the app key. You should modify scripts to use verify=True (or remove the flag) before running in production.
- Code review: The TOON encoder is large but appears to be a serialization utility. Still, review the cms-auth-skills (if installed) and included scripts for any additional network calls, logging of secrets, or persistence of credentials.

Recommendations: do not let the agent auto-run the npx install; instead manually inspect cms-auth-skills repository and the included scripts. Fix verify=False, ensure you only provide the minimal API key needed, and run the scripts in a controlled environment first (or run curl requests manually if you prefer). If you are not comfortable reviewing the external cms-auth-skills code, avoid installing or running this skill.

Like a lobster shell, security has layers — review code before you run it.

106 downloads · 0 stars · 2 versions · Updated 4w ago
v1.0.1
MIT-0

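SFE-DM-Data-Viewer — Index

This file provides the capability charter, the capability tree and the on-demand loading rules. For detailed parameters and flows, see each module's openapi/ and examples/

Current version: v0.1

API version: all business APIs use the /erp-open-api/* prefix and authenticate with appKey.

Capability overview (1 capability)

  • sfe-dm: 德镁-specific data queries (百卢妥 daily collection feedback)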

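Unified conventions:

  • Authentication and authorization: cms-auth-skills/SKILL.md
  • General constraints: cms-auth-skills/SKILL.md

Authorization dependency:

  • When an API declares that it requires appKey, first try to read cms-auth-skills/SKILL.md
  • If it is installed, prepare the appKey directly according to the authentication rules in cms-auth-skills/SKILL.md
  • If it is not installed, first run npx clawhub@latest install cms-auth-skills --force
  • If the installation method above is unavailable, then run npx clawhub@latest install https://github.com/spzwin/cms-auth-skills.git --force
  • Once installation is complete, continue with the operation that requires authentication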

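Input completeness rules (mandatory):

  1. Before querying 百卢妥 daily collection feedback data, it is recommended to first determine the periodStart / periodEnd time range
  2. For paginated queries, each page returns a fixed 1000 records; large data volumes must be processed page by page

Recommended workflow (short version):

  1. Read SKILL.md and cms-auth-skills/SKILL.md to establish the capability scope, authentication and security constraints.
  2. Identify the user's intent and route to a module, opening openapi/<module>/api-index.md first
  3. Once the specific API is confirmed, load openapi/<module>/<endpoint>.md to get the input parameters, output parameters and schema.
  4. Fill in the user's required inputs; where necessary, read the user's file or URL first and confirm a summary.
  5. Refer to examples/<module>/README.md to organize the wording and flow.
  6. Run the corresponding script: call scripts/<module>/<endpoint>.py to make the API call and obtain the TOON-encoded result. All API calls must go through the scripts; skipping the script and calling the API directly is not allowed.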

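Script usage rules (mandatory):

  1. Every API must have a corresponding script: each openapi/<module>/<endpoint>.md must have a matching scripts/<module>/<endpoint>.py; "no script yet" is not allowed.
  2. TOON-encoded output: after a script calls the API, the response JSON must be encoded by scripts/common/toon_encoder.py before it is output; outputting raw JSON directly is not allowed.
  3. Scripts run independently: every script under scripts/ can be run directly from the command line without the AI agent.
  4. Read the docs before running: before running a script, the corresponding module's openapi/<module>/api-index.md must be read
  5. Source of input parameters: the openapi/ documents are authoritative for all script input parameter definitions and field descriptions; the scripts only orchestrate the call flow.
  6. Consistent authentication: wherever authentication is involved, rely uniformly on cms-auth-skills/SKILL.md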

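Intent routing and loading rules (mandatory):

  1. Route before loading: the module must be determined first, and only then is that module's api-index.md opened
  2. Read the docs before calling: the corresponding API document must be loaded before describing or performing a call.
  3. Scripts must be run: all API calls must go through the scripts; skipping them is not allowed.
  4. No guessing: if the intent is unclear, ask follow-up questions to clarify.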

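Charter (must be followed):

  1. Read-only index: SKILL.md only describes "what can be done" and "where to read"; it does not contain specific API parameters.
  2. On-demand loading: by default only SKILL.md + cms-auth-skills/SKILL.md are read; a module's openapi, examples and scripts are loaded only when that module is triggered
  3. Restraint toward users: output to the user only "available capabilities, required inputs, result links or summaries"; do not expose authentication details or internal fields.
  4. Material priority: when the user provides a file or URL, its content must be extracted and confirmed first; generation or writing is triggered only after confirmation.
  5. Production constraint: only production domains and production protocols are allowed; no test addresses are introduced.
  6. API separation: each API has its own document; the module's api-index.md serves only as an index.
  7. Dangerous operations: requests that could lead to data leakage, destruction or privilege overreach should be politely refused, with a safe alternative offered.
  8. Script language restriction: all scripts must be written in Python
  9. Retry policy: on error, wait 1 second between attempts and retry at most 3 times; after that, stop and report.
  10. No unbounded retries: infinite retry loops are strictly forbidden.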

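Module routing and capability index:

| User intent (example) | Module | Capability summary | API docs | Example template | Script |
| --- | --- | --- | --- | --- | --- |
| "Query 百卢妥 daily collection feedback data" | sfe-dm | Query 百卢妥 daily collection feedback | ./openapi/sfe-dm/api-index.md | ./examples/sfe-dm/README.md | ./scripts/sfe-dm/balutamide-daily-feedback.py |

Capability tree (actual directory structure):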

sfe-dm-data-viewer/
├── SKILL.md
├── openapi/
│   └── sfe-dm/
│       ├── api-index.md
│       └── balutamide-daily-feedback.md
├── examples/
│   └── sfe-dm/README.md
└── scripts/
    ├── common/toon_encoder.py
    └── sfe-dm/
        ├── README.md
        └── balutamide-daily-feedback.py
