ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Architecture Visualization & Governance

v1.4.0

Visualize and govern your cloud architectures. Get architecture assessments, risk heatmaps, and compliance dashboards in one place.

0· 47·0 current·0 all-time
by@stinggit
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The declared purpose (visualize/govern Tencent Cloud architectures via the Advisor API) matches the requested env vars (TENCENTCLOUD_SECRET_ID/KEY) and included API docs/scripts. However the runtime code calls an external tool ('clawhub inspect') for version checking but 'clawhub' is NOT listed in required binaries — that's an incoherence. Also the SKILL.md and scripts both reference creating CAM roles and attaching policies; one place describes 'read-only' Advisor access but the role creation text and policy names suggest broader privileges (including QcloudTAGFullAccess).
!
Instruction Scope
Runtime instructions tell the user to permanently write long‑lived AK/SK into shell rc files (~/.bashrc, etc.), to run local scripts that create IAM roles (create_role.py) and to save role ARNs to ~/.tencent-cloudq/config.json. check_env.py performs remote version checks by invoking 'clawhub inspect' and will call the API to validate keys. While the SKILL.md claims role creation only after explicit consent, the guidance to persist long-lived keys in shell config and the inclusion of a role creation workflow + policy attachment are scope-expanding and risky if not fully justified.
Install Mechanism
There is no external download/install spec (no arbitrary archives/URLs); the skill bundle includes Python scripts and docs which run locally. No installer that fetches code from unknown hosts is present, lowering install-time risk. However the bundle includes executable scripts that will run networked API calls and may modify local config files when used.
!
Credentials
Requiring the Tencent Cloud AK/SK is expected for calling the Advisor API. But the SKILL.md insists on permanently exporting long‑lived keys into shell startup files (recommendation to append to ~/.bashrc), which is not necessary if temporary STS tokens can be used and increases theft risk. The role creation step mentions attaching policies (QcloudTAGFullAccess and QcloudAdvisorFullAccess) — TAG full access appears broader than what 'Advisor' data retrieval would logically require; this is disproportionate and inconsistent with other claims in the docs that emphasize read-only behavior.
Persistence & Privilege
The skill does store a small config (~/.tencent-cloudq/config.json) with role ARN and account UIN and sets restrictive file permissions. always:false and normal invocation settings (autonomous invocation allowed) are appropriate. The skill does not request permanent platform-level privileges, but it will request IAM operations during role creation (with user consent).
What to consider before installing
This skill is plausibly a real Tencent Cloud Advisor integration, but there are clear inconsistencies and risky recommendations you should resolve before installing: - Ask the author to justify the 'clawhub' dependency (check_env.py runs `clawhub inspect`) or add it to required binaries; otherwise version checks may fail or run unexpected commands. - Confirm exactly which IAM policies will be attached by create_role.py and why QcloudTAGFullAccess (tag full access) is necessary — prefer least-privilege (read-only) policies if the skill only needs to read Advisor data. - Avoid writing long-lived SecretId/SecretKey into ~/.bashrc/.zshrc. Prefer using temporary STS tokens (TENCENTCLOUD_TOKEN) or instruct users how to store keys securely (OS secret manager) and rotate them regularly. - Review the scripts (especially scripts/create_role.py, scripts/tcloud_api.py, scripts/cleanup.py) in a safe environment to verify they only call official Tencent endpoints (advisor.tencentcloudapi.com / cloud.tencent.com) and do not transmit secrets elsewhere. - Because source/homepage are unknown, prefer running the skill in an isolated/test account (with minimal privileges) first, and only grant/create roles after you manually inspect the role creation payload and consent. If the author can clarify the clawhub usage, reduce attached policy scope to the minimum required, and provide a clear secure key-handling alternative, the incoherences would be largely resolved.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cvtgpnrn0xmhde2n6gg2b7983gtbn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

☁️ Clawdis
Binspython3
EnvTENCENTCLOUD_SECRET_ID, TENCENTCLOUD_SECRET_KEY

Comments