Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
tsy-gzh-find-topic
v1.0.0 · Calls a backend API to fetch recommended trending topics for WeChat Official Accounts (公众号) and outputs the raw data directly.
⭐ 0 · 78 · 0 current · 0 all-time
by AI架构师汤师爷 (@tangshiyegit)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The name and description describe calling a backend API and outputting the response data, which matches SKILL.md and the small helper script. However, the manifest lists no required environment variables or primary credential, while SKILL.md explicitly reads TSY_API_URL and TSY_API_KEY from a global .env; this mismatch between metadata and instructions is unexpected.
Instruction Scope
Instructions are narrowly scoped: run the bundled Python script to produce a JSON body, POST it to {BASE_URL}/gzh/findTopic?apikey={SATOKEN}, and output response.data raw. That scope is coherent with the stated purpose. Concern: the skill reads a global .env for TSY_API_KEY and TSY_API_URL (access to host configuration) without declaring it; the agent will then send the API key as a query parameter to an external domain and print the raw response data without any filtering.
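The two findings above (env vars read from .env but absent from the manifest, and a credential placed in the URL query string) can be checked mechanically before a skill is installed. The following is an added example written for this page, not code from the skill or from ClawHub. It runs over a constructed stand-in for SKILL.md and assumes a manifest shape with `requires.env` and `requires.primaryCredential`; the real ClawHub manifest schema may use different keys.

```python
import re

# Constructed stand-in for the skill's SKILL.md (not the real file); it
# mirrors the instructions the scan describes.
SKILL_MD = """\
# tsy-gzh-find-topic

Read TSY_API_URL (optional, default https://api.tangshiye.cn) and TSY_API_KEY
from the global .env. Run the bundled script to produce the JSON body, then
POST it to {BASE_URL}/gzh/findTopic?apikey={SATOKEN} and output response.data raw.
"""

# Assumed manifest shape (not the real ClawHub schema): "requires.env" lists
# declared env vars, "requires.primaryCredential" names the secret.
MANIFEST = {
    "name": "tsy-gzh-find-topic",
    "version": "1.0.0",
    "always": False,
    "requires": {"env": [], "primaryCredential": None},
}

# What a corrected manifest for this skill would declare.
FIXED_MANIFEST = {
    **MANIFEST,
    "requires": {"env": ["TSY_API_KEY", "TSY_API_URL"], "primaryCredential": "TSY_API_KEY"},
}

# SCREAMING_SNAKE names with at least one underscore, excluding {TEMPLATE}
# placeholders such as {BASE_URL} (heuristic; good enough for triage).
ENV_NAME = re.compile(r"(?<![{A-Za-z0-9_])[A-Z][A-Z0-9]*(?:_[A-Z0-9]+)+(?![A-Za-z0-9_}])")
SECRET_HINT = re.compile(r"(KEY|TOKEN|SECRET|PASS)")
# A credential-looking parameter in a query string, e.g. ?apikey={SATOKEN}
KEY_IN_QUERY = re.compile(r"\?[^\s]*\b(apikey|api_key|token|key)=", re.I)


def referenced_env(skill_md: str) -> set[str]:
    """Environment variable names mentioned in the instructions."""
    return set(ENV_NAME.findall(skill_md))


def triage(skill_md: str, manifest: dict) -> list[str]:
    """Findings a reviewer would raise, in the order the scan reports them."""
    req = manifest.get("requires") or {}
    declared = set(req.get("env") or [])
    missing = sorted(referenced_env(skill_md) - declared)
    out = []
    if missing:
        out.append("undeclared env: " + ", ".join(missing))
    secrets = [n for n in missing if SECRET_HINT.search(n)]
    if secrets and not req.get("primaryCredential"):
        out.append("secret env read but no primaryCredential declared: " + ", ".join(secrets))
    if KEY_IN_QUERY.search(skill_md):
        out.append("credential sent as URL query parameter")
    if ".env" in skill_md:
        out.append("reads host .env file")
    return out


if __name__ == "__main__":
    for finding in triage(SKILL_MD, MANIFEST):
        print("-", finding)
    print("after manifest fix:", triage(SKILL_MD, FIXED_MANIFEST))
```

Declaring the variables removes the first two findings; the query-string and .env findings remain because they describe how the skill behaves, not how it is labelled, and only the author can change that.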
Install Mechanism
No install spec; the only code is a tiny, readable Python script that generates timestamps. No downloads or extracted archives — low install risk.
Credentials
SKILL.md requires TSY_API_KEY (referred to as SATOKEN) and optionally TSY_API_URL from a global .env, but the manifest declares no required env vars or primary credential. Requiring a secret API key is proportionate to calling a protected backend, but not declaring it in metadata is an inconsistency that could lead to unexpected secret exposure. The API key is also sent as a query parameter (?apikey=...), so it lands in server access logs, proxy logs and agent transcripts that record the full URL; that is a credential-exposure risk the user should weigh.
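To make the query-parameter point concrete, here is an added example (written for this page, not part of the skill) that builds the request URL in the shape SKILL.md describes, shows the key surfacing in constructed log lines, and redacts secret-bearing parameters before a URL is logged. The log lines and the key value are constructed; the header-based variant is an assumption about what a safer backend contract would look like, not something the api.tangshiye.cn service is known to support.

```python
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Query parameter names treated as secret-bearing when redacting.
SECRET_PARAMS = {"apikey", "api_key", "token", "access_token", "satoken"}

# Constructed demo key; never a real credential.
DEMO_KEY = "tsy_demo_key_123"


def find_topic_url(base_url: str, satoken: str) -> str:
    """Request URL in the form SKILL.md describes: the key rides in the query string."""
    return f"{base_url.rstrip('/')}/gzh/findTopic?apikey={satoken}"


def redact_query(url: str) -> str:
    """Replace the values of secret-bearing query parameters before logging a URL."""
    p = urlsplit(url)
    pairs = [(k, "REDACTED" if k.lower() in SECRET_PARAMS else v)
             for k, v in parse_qsl(p.query, keep_blank_values=True)]
    return urlunsplit((p.scheme, p.netloc, p.path, urlencode(pairs), p.fragment))


def lines_exposing(secret: str, log_text: str) -> list[int]:
    """1-based line numbers in a log where the raw secret appears."""
    return [i for i, line in enumerate(log_text.splitlines(), 1) if secret in line]


def header_variant(base_url: str, satoken: str) -> tuple[str, dict]:
    """Assumed alternative: key in a header, URL free of secrets (backend would need to accept it)."""
    return f"{base_url.rstrip('/')}/gzh/findTopic", {"X-Api-Key": satoken}


# Constructed log excerpts: a backend access log and an agent tool-call transcript.
URL = find_topic_url("https://api.tangshiye.cn", DEMO_KEY)
RAW_LOG = "\n".join([
    f'10.0.0.5 - - [01/Jan/2025:10:00:00 +0000] "POST {urlsplit(URL).path}?{urlsplit(URL).query} HTTP/1.1" 200 512',
    f"tool_call: POST {URL} body={{...}}",
    "tool_result: 200 OK",
])
SAFE_LOG = "\n".join(line.replace(URL, redact_query(URL)) for line in RAW_LOG.splitlines())

if __name__ == "__main__":
    print("key exposed on lines:", lines_exposing(DEMO_KEY, RAW_LOG))
    print("after redaction:", lines_exposing(DEMO_KEY, SAFE_LOG))
    print(redact_query(URL))
```

The first constructed line is what the backend operator's access log records with the skill as written; only the agent-side transcript can be redacted by the user, which is why the scan treats the query-string design as the author's problem to fix rather than something the installer can mitigate.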
Persistence & Privilege
The always flag is false, there are no install-time changes or system-wide modifications, and the skill does not request persistent presence or elevated privileges.
What to consider before installing
This skill calls an external API (default https://api.tangshiye.cn) and requires an API key (TSY_API_KEY) read from a global .env, but the skill metadata does not declare that requirement; that is the primary red flag. Before installing, verify:
1) you trust the remote domain (api.tangshiye.cn) and its privacy and security practices;
2) the API key you supply is scoped minimally and is not one of your broader credentials;
3) you accept that the key is sent as a query parameter and may be logged by the server and any proxies in the path;
4) the skill prints raw response data, which may include sensitive information, so do not pass it secrets you would not want printed.
Prefer that the author update the manifest to declare the required env vars (TSY_API_KEY and optional TSY_API_URL) or provide clearer provenance; if unsure, do not install, and do not run the skill with production credentials.
latest: vk97ehz52m80pvvf9macp041f9n83c0ej
