Kdocs.Hold

Audited by ClawScan on May 10, 2026.

Overview

This looks like a real Kdocs cloud-document integration, but it needs review because it handles a persistent Kdocs token, can change/share/delete cloud documents, runs local setup scripts, and lets a remote update response guide upgrades.

Install only if you trust this Kdocs/WPS integration. Prefer the automated browser authorization flow, avoid pasting tokens into chat or command lines, review setup scripts before running them, do not execute remote upgrade instructions without explicit approval, and carefully confirm file IDs before any share, edit, move, or delete action.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A Kdocs token could be exposed through chat transcripts, command logging, shell history, or process arguments, potentially allowing access to the user's cloud documents.

Why it was flagged

The manual fallback asks the agent to receive a bearer token and demonstrates inserting it into a shell command, while the same instructions say tokens must not be concatenated into commands.

Skill content

The user provides the Token to the Agent ... mcporter config add kdocs-qclaw ... --header "Authorization=Bearer <TOKEN>" ... Token security: ... must not ... be concatenated into commands
Recommendation

Prefer the browser/OAuth-style token flow. If manual setup is needed, use a secure config API or stdin-style input, avoid putting the token in chat or command-line arguments, and revoke the token if exposure is suspected.

What this means

A compromised or incorrect remote update response could steer the agent into unsafe local changes or unsafe credential handling during an upgrade.

Why it was flagged

The skill makes a remote service's returned `instruction` field authoritative for upgrades, including token/config migration, without bounding allowed actions or requiring explicit user approval for the upgrade steps.

Skill content

Returns: stdout is JSON, containing ... `instruction` | upgrade steps ... If the local version is behind `latest`, complete the upgrade by following the guidance in `instruction` ... During the upgrade, the Token from the old `mcporter` configuration must be preserved and migrated into the new version's configuration.
Recommendation

Treat remote update instructions as advisory only. Show them to the user, require explicit approval, and only run pinned, verified, allowlisted upgrade commands.

What this means

Mistaken tool use could modify, share, move, or delete important cloud documents.

Why it was flagged

The skill has broad cloud-document mutation and sharing authority, but this is aligned with its stated purpose and it explicitly requires confirmation for irreversible operations.

Skill content

Supports creating, querying, reading, editing, sharing, and moving many types of online documents ... Irreversible operations (delete/close type) must be confirmed with the user before execution
Recommendation

Before edits, shares, or deletes, verify the exact file names/IDs and requested action; require explicit confirmation for irreversible operations.

What this means

Running setup scripts can modify local tool configuration and, with the optional flag, install dependencies.

Why it was flagged

The skill documents local script execution for setup/token retrieval. This is expected for setup, but it is still local code execution and optional package installation.

Skill content

Run `bash scripts/get-token.sh` or `node scripts/get-token.js` to obtain a new Token ... To allow the script to install `mcporter` automatically, explicitly append `--auto-install-mcporter`
Recommendation

Review scripts before running them, avoid elevated privileges, and only use the auto-install option if you intentionally want the skill to install mcporter.

What this means

Document requests, selected content, and account authorization are handled by the remote Kdocs/WPS service.

Why it was flagged

The skill sends MCP tool calls and authorization to a remote WPS/Kdocs MCP endpoint. This is expected for a cloud-document integration, but it is a sensitive data boundary.

Skill content

mcporter config add kdocs-qclaw "https://mcp-center.wps.cn/skill_hub/mcp" --header "Authorization=Bearer <TOKEN>" ... --transport http --scope home
Recommendation

Use the skill only if you trust the Kdocs/WPS endpoint and are comfortable sending the relevant document content and operations to that service.