Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ynu-papergraphgeneration-qclaw

v1.0.0

Automation skill for ynu-papergraphgeneration-qclaw.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
[!] Purpose & Capability
The code implements the claimed functionality (scanning, topology generation, image/chart generation). However, the image client embeds a DEFAULT_API_KEY and DEFAULT_API_URL in code rather than exposing an overridable credential in requires.env or parameters; SKILL.md allows supplying only api_url (not api_key). Hardcoding a bearer token inside the codebase is disproportionate/unexpected and not documented in the skill metadata.
[!] Instruction Scope
Runtime instructions and code will (a) call the agent-provided LLM with large parts of the paper, (b) send generated prompt content and topology to an external image API, and (c) for 'results' figures, request LLM to output Python+Matplotlib code and then execute that code locally via subprocess. Executing LLM-generated arbitrary Python without sandboxing is a notable security risk and is not constrained in the SKILL.md.
Install Mechanism
No install spec is present (instruction-only + included scripts). Nothing is being downloaded/installed at install time, which is low install risk. The code does, however, perform network requests at runtime.
[!] Credentials
Registry metadata declares no required env vars or credentials, but the code contains a hardcoded API key (DEFAULT_API_KEY) and default API URL to a third-party service (api.acedata.cloud). The skill does not expose a way to supply/override the API key via SKILL.md parameters or environment variables, creating a mismatch between declared requirements and actual credential usage.
Persistence & Privilege
The skill writes outputs under the user's home directory (~/.qclaw/workspace/outputs) and creates persistent files. It does not request always:true and does not modify other skills' configs. Persistent file writes are expected for an image/chart generator but should be noted (and the output path is fixed).
What to consider before installing
Key things to consider before installing or running this skill:
- Network/data exfiltration: The skill sends topology/prompt text (derived from your paper) to an external image API (api.acedata.cloud by default). If your paper is confidential/unreleased, this will leak its content to that third party unless you run the skill offline or point it to a private service.
- Hardcoded API key: The repository contains a DEFAULT_API_KEY constant. Embedded keys in code are a red flag: ask the publisher for provenance of this key, remove it, or ensure the skill accepts an API key from a secure environment variable before use.
- Execution of generated code: For 'results' figures the skill asks an LLM to emit full Python/Matplotlib code and then writes and runs that code via subprocess. LLM-generated code can be arbitrary and may perform malicious actions. Run the skill only in a sandboxed environment or disable automatic execution and review generated code manually.
- Missing/incorrect overrides: The SKILL.md lets you pass api_url but not an api_key; the image-generation code also contains a positional-argument bug that can incorrectly map parameters. Expect potential runtime errors or unexpected behavior; review and test the code on non-sensitive inputs first.
- Files written to disk: Outputs are placed under ~/.qclaw/workspace/outputs. If this is undesirable, change the path or run in a disposable environment.

Recommended actions:
- Request the author to (1) remove hardcoded credentials and accept API keys via environment variables, (2) document data flows and privacy implications, and (3) avoid executing untrusted code (or add a strict sandbox/safety checks).
- If you must use it, run it on a throwaway VM/container, with network firewall rules if you want to prevent external API calls, and inspect any generated chart code before executing it.

Confidence note: I am confident the above concerns are real based on the included files; additional context from the package author (why key was embedded, intended deployment environment, or a fixed bug in parameter passing) could change the assessment.

Like a lobster shell, security has layers — review code before you run it.
