Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Tencent Cloud COS

v1.1.6

Integration skill for Tencent Cloud Object Storage (COS) and Cloud Infinite (CI). It covers three core scenarios: file storage management, AI processing and knowledge base. Storage scenario: upload files to the cloud, download cloud files, batch-manage files in a bucket, obtain signed file links for sharing, view file metadata. Image-processing scenario: image quality scoring, AI super-resolution upscaling, AI smart cropping, QR code/barcode recognition, adding text watermarks, getting image EXI...

2 · 1.7k · 1 current · 1 all-time
by ShawnmZhang (@shawnminh) · duplicate of @shawnminh/tencent-cos-skill
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals: Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to manage Tencent Cloud COS/CI/MetaInsight and the bundled Node.js script plus the cos-nodejs-sdk-v5 dependency are appropriate and proportionate for that purpose. However, the registry metadata (shown at top) lists no required environment variables/primary credential, while the embedded SKILL.md/openclaw metadata and scripts clearly require Tencent credentials (SecretId/SecretKey, optional Token) and config (Region, Bucket). This mismatch is an incoherence that should be resolved.
Instruction Scope
Runtime instructions (setup.sh and cos_node.mjs) stay within COS/CI/MetaInsight scope: installing SDK, reading/writing .env(.enc), and calling COS/CI endpoints. The scripts read environment variables (TENCENT_COS_*) and may persist them to .env or .env.enc; they do not contain obvious instructions to read unrelated system files or exfiltrate data to unexpected remote endpoints. The machine‑bound encryption and fallback behaviors are implemented in the script and are within expected scope for a credential-handling tool.
Install Mechanism
Install uses a single npm package (cos-nodejs-sdk-v5) via the node install mechanism—an expected, moderate-risk choice for a Node.js integration. No downloads from untrusted URLs or archive extraction were observed.
Credentials
The secret types requested by the SKILL.md (SecretId, SecretKey, optional Token) and required config (Region, Bucket) are necessary and proportionate for COS/CI operations. The concern is the inconsistency with the registry metadata which lists no required env vars/primary credential; that could mislead users or automated permission reviewers. The skill supports optional persistent storage of credentials to disk (.env/.env.enc) — this increases exposure compared to purely ephemeral session variables, so users should prefer STS tokens and avoid --persist unless necessary.
Persistence & Privilege
The skill does not request unusual platform privileges, and its metadata sets always: false. If the user opts in, it will persist credentials to .env or write an encrypted .env.enc in the project directory. The encryption key is derived from local machine attributes (hostname, username, project path), which prevents simple copying but means the encrypted file is machine- and user-specific. Those attributes are readable by any process running as the same user, so the encryption raises the bar against the file being copied to another host, not against malware already on this one. Persisting credentials to disk increases risk; the skill's own guidance recommends least-privilege keys, but it cannot enforce that on the credentials the user supplies.
What to consider before installing
This package appears to be a legitimate Tencent COS integration, but note two important things before installing. (1) The registry metadata shown to you omits the required Tencent credentials: the SKILL.md and scripts do require SecretId/SecretKey (and an optional Token) plus Region and Bucket. Do not rely on the registry summary alone. (2) The setup can persist credentials to a .env file (or an encrypted .env.enc tied to your machine); prefer ephemeral STS tokens and avoid --persist unless you understand the risks. Supply credentials from a sub-account with least-privilege, COS-only permissions (never root keys), inspect the cos-nodejs-sdk-v5 package source if you want extra assurance, and run the setup in a controlled environment. If the publisher or the metadata cannot explain the discrepancy about required credentials, treat the package with extra caution.
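The "sub-account with least-privilege COS-only permissions" advice is easier to apply with a concrete policy and a check that the policy you are about to attach really is narrow. The following is an added example, not part of the skill or of Tencent's tooling: a bucket-scoped CAM policy in Tencent's JSON syntax (version "2.0", statement[].effect/action/resource, resources as qcs::cos:<region>:uid/<appid>:<bucket>/<path>) and a reviewer that flags wildcard actions, non-COS/CI actions, bucket-administration actions and resources outside the one bucket the skill needs. The APPID, region and bucket are placeholders, and the set of actions is my reading of the SKILL.md scenarios (upload, download, list, metadata, delete), not a list the page provides.

```javascript
// Added example: a bucket-scoped CAM policy and a least-privilege lint (not the skill's code).
const APPID = "1250000000"; // placeholder, not a real account
const REGION = "ap-guangzhou"; // placeholder region
const BUCKET = `examplebucket-${APPID}`; // placeholder bucket

// What a dedicated sub-account for this skill should be limited to: object
// read/write/delete and listing inside one bucket, nothing bucket-wide or cross-service.
const leastPrivilegePolicy = {
  version: "2.0",
  statement: [
    {
      effect: "allow",
      action: ["cos:GetBucket", "cos:HeadObject", "cos:GetObject", "cos:PutObject", "cos:DeleteObject"],
      resource: [
        `qcs::cos:${REGION}:uid/${APPID}:${BUCKET}/`,
        `qcs::cos:${REGION}:uid/${APPID}:${BUCKET}/*`,
      ],
    },
  ],
};

// Constructed counter-example: what handing over a root-like key amounts to.
const rootLikePolicy = {
  version: "2.0",
  statement: [{ effect: "allow", action: "*", resource: "*" }],
};

// qcs::cos:<region>:uid/<appid>:<bucket>[/<path>]
const RESOURCE_RE = /^qcs::cos:([^:]+):uid\/([^:]+):([^/]+)(\/.*)?$/;
// Actions that reconfigure or destroy the bucket itself; a file-management skill never needs them.
const BUCKET_ADMIN = /^cos:(PutBucket(ACL|Policy|CORS|Lifecycle|Replication)|DeleteBucket)$/;

// Returns a list of findings; an empty list means the policy is acceptable for this skill.
function reviewPolicy(policy, expectedBucket) {
  const findings = [];
  if (policy.version !== "2.0") findings.push("unexpected policy version");
  (policy.statement ?? []).forEach((st, i) => {
    if (st.effect !== "allow") return; // deny statements only narrow the grant
    for (const a of [].concat(st.action ?? [])) {
      if (a === "*" || a.endsWith(":*")) findings.push(`statement ${i}: wildcard action ${a}`);
      else if (!/^(cos|ci):/.test(a)) findings.push(`statement ${i}: non-COS/CI action ${a}`);
      else if (BUCKET_ADMIN.test(a)) findings.push(`statement ${i}: bucket-admin action ${a}`);
    }
    for (const r of [].concat(st.resource ?? [])) {
      const m = RESOURCE_RE.exec(r);
      if (!m) {
        findings.push(`statement ${i}: resource is not a single COS bucket path: ${r}`);
        continue;
      }
      const uid = m[2];
      const bucket = m[3];
      if (uid === "*" || bucket === "*") findings.push(`statement ${i}: wildcard resource ${r}`);
      else if (bucket !== expectedBucket) findings.push(`statement ${i}: grants bucket ${bucket}, expected ${expectedBucket}`);
    }
  });
  return findings;
}
```

Run reviewPolicy against the policy attached to the sub-account whose SecretId/SecretKey you intend to hand to the skill; if it returns anything, narrow the policy before running setup. The same check applies to the policy behind an STS role, which is the preferable way to supply the optional Token.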

Like a lobster shell, security has layers — review code before you run it.

latest · vk97aktnr4wed996bhya3hve26d84d326


Runtime requirements

☁️ Clawdis
Config: Region, Bucket

Install

Install COS Node.js SDK: npm i -g cos-nodejs-sdk-v5
