Bp Audit
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill’s BP audit purpose is coherent, but it needs review because it can use CWork keys/tokens and business data with unclear credential, header, and domain scoping.
Install only if you trust the BP/CWork API domains and are authorized to audit the relevant employee and business-plan data. Before use, verify which credential is required, which domain will receive it, and limit audits to the smallest necessary department, employee, or task scope.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could authenticate to the BP system using a token already present in its environment or context before the user explicitly provides a key, and a wrongly scoped token could be sent to the service.
The skill authorizes use of existing environment/context credentials or a user-provided CWork Key, but the registry metadata declares no credential requirement; the generic `token` context field is not clearly scoped to CWork.
优先级 1(环境变量):读取 `XG_USER_TOKEN`... 优先级 2(上下文 token):若无环境变量,尝试从上下文中读取 `token` / `xgToken` / `access-token` 字段... 优先级 3... 向用户索取 `CWork Key`
Declare the required credential and `XG_USER_TOKEN` in metadata, avoid generic context token names, and require explicit user confirmation before using any existing token.
A user’s CWork Key or token may be used more broadly than expected, including against a test-named host or with a header format that differs from the auth guide.
Business API documentation sends an app key to a test-named API host, while the separate auth guide describes exchanging the CWork Key for an `access-token`; this makes credential destination and scope ambiguous.
**域名**: `cwork-web-test.xgjktech.com.cn` ... 所有接口需要在 Header 中携带: `appKey: <your-app-key>`
Clarify whether production or test endpoints are intended, align all API docs on `access-token` versus `appKey`, and ensure the credential is only sent to the intended trusted domain.
Audit requests may cause the agent to retrieve internal report text, employee names, and task information.
The skill can query report records through the BP API; this is purpose-aligned for audit work, but it can expose detailed business progress content to the agent.
根据任务 ID 分页查询该任务关联的所有汇报记录(含手动汇报和 AI 汇报)
Use the skill with a clearly bounded audit scope, and avoid requesting broad department-wide or all-employee audits unless the credential is authorized for that access.