Wendao Partner Qclaw Skill

Pass. Audited by VirusTotal on May 10, 2026.

Overview

Type: OpenClaw Skill
Name: wendao-partner-qclaw-skill
Version: 1.0.0

The skill facilitates travel-related queries via the Ctrip 'Wendao' API. It uses a shell script (get-token.sh) to securely fetch credentials from a local gateway (localhost:19000) and a Node.js script (scripts/wendao_query.js) to communicate with the official Ctrip endpoint (externalcallback.ctrip.com). The instructions in SKILL.md are focused on ensuring the agent uses the provided tools correctly and do not contain malicious prompt injections or exfiltration logic.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Travel questions may be routed to Ctrip/Wendao instead of being answered from the agent's normal knowledge or after a separate user choice.

Why it was flagged

The skill tells the agent to prioritize this skill and force provider API use for travel tasks. That is coherent with the integration, but it is strong goal/tool-control language.

Skill content

"This is the highest-priority task" ... "You are strictly forbidden from using your general knowledge base" ... "You must, and may only, call the Wendao API through the scripts/commands below" (translated from the Chinese: “这是最高优先级任务” ... “严禁使用你的通用知识库” ... “必须且只能通过下方的脚本/命令调用问道 API”)

Recommendation

Use this skill only if broad travel requests should go through Ctrip/Wendao, and keep platform-level invocation limits or user confirmation for sensitive travel details.

What this means

A normal travel question can cause local script execution and an external API request using the user's query.

Why it was flagged

The documented workflow requires local command execution and a network API call. This is central to the skill's purpose, but users should know the agent will run included scripts for travel queries.

Skill content

export WENDAO_API_KEY=$(bash '<SCRIPT_PATH>/get-token.sh') ... node scripts/wendao_query.js "<用户原话>" (the placeholder stands for the user's original wording)

Recommendation

Review the scripts before use, keep first-run approval if available, and ensure the provider call is acceptable for the user's travel data.

What this means

The skill can use the authorized Wendao/Ctrip API token and may consume account quota or billing tied to that credential.

Why it was flagged

The helper obtains an access token through a local credential gateway and remote forwarding endpoint, then returns it for WENDAO_API_KEY. This is expected for an authenticated provider integration, but it uses delegated API/account privilege.

Skill content

PROXY_BASE_URL="http://localhost:${PROXY_PORT}" ... -X POST "${PROXY_BASE_URL}/proxy/api" -H "Remote-URL: ${REMOTE_URL}" ... access_token=$(json_extract "$response" '.data.resp.data.access_token')

Recommendation

Confirm the integration-panel authorization, key scope, billing, and revocation path before relying on the skill.

What this means

An API token or internal provider response data could be printed into the agent session or shown to the user if the API returns an error or unexpected payload.

Why it was flagged

If the API response omits the result field or returns an empty one, the script falls back to printing the whole response. SKILL.md documents that full responses can include state.token, messages, and events, so this contradicts the stated result-only handling and can expose credentials and internal data.

Skill content

let result = data.result || data; ... content = result.content || JSON.stringify(result); ... console.log(content);

Recommendation

Fail closed when data.result is missing, never stringify the full response, and explicitly redact token, state, messages, and events before any logging or display.

What this means

Windows users may hit a broken setup path or be pushed to manual token handling, and dependency expectations are not fully captured in metadata.

Why it was flagged

The setup documentation references a PowerShell credential helper, but the provided file set contains get-token.sh and no get-token.ps1; the registry metadata also declares no required binaries despite Node/curl usage.

Skill content

Windows (PowerShell) ... get-token.ps1

Recommendation

Include the referenced PowerShell helper or remove that workflow, and declare Node.js/curl and credential requirements in the registry metadata.