Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Volcano
v0.1.0提供火山引擎公开产品规格、价格、账单概览及服务公告的非敏感信息摘要与整理服务。
⭐ 0· 164·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name and description (summarize Volcengine public product/spec/price/billing/announcements) align with the instructions in SKILL.md; there are no unrelated binaries, env vars, or installs requested.
Instruction Scope
The SKILL.md explicitly instructs the agent to '登录控制台' and '访问账单页 → 提取周期与费用项' (log into the console and extract billing overview). While it states not to perform API calls or store credentials, it gives the agent discretion to access account-specific pages and extract billing items — an action that touches sensitive data and is ambiguous about how authentication/session state is obtained and how extracted data is handled/transmitted.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing will be downloaded or written to disk by an installer, which reduces install-time risk.
Credentials
No env vars or primary credentials are declared, yet the instructions require logging into a personal console to read billing data. This mismatch is ambiguous: the skill may prompt users for credentials at runtime or rely on an existing session. Either behavior affects sensitive credentials and is not declared or constrained by the skill metadata.
Persistence & Privilege
always:false and no special persistence or cross-skill configuration is requested. The skill does not claim to modify other skills or system settings.
What to consider before installing
This skill appears to do what it says (summarize public docs and console-visible billing/announcements), but it also instructs the agent to log into a user's console and extract billing information without declaring how authentication is handled. Before installing or using it: (1) Ask the publisher how authentication is performed and whether the agent will ever transmit or store account-specific billing data; (2) Never paste credentials into untrusted prompts — prefer ephemeral session-based access or manual copy/paste of the specific data you want summarized; (3) Confirm where output is sent/stored and whether logs include sensitive fields; (4) If you need only public product info, prefer using the skill only for public pages and avoid giving it console access; (5) If you proceed, monitor and limit what the agent can access and review its outputs for accidental credential leakage.Like a lobster shell, security has layers — review code before you run it.
latestvk97ft0ysx3fn1x5n46xw75n1bh836dky
License
MIT-0
Free to use, modify, and redistribute. No attribution required.