CNBlogs Publisher
Status: Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: cnblogs-publisher
Version: 1.0.1

The skill bundle provides legitimate functionality for managing CNBlogs articles via the MetaWeblog API, but contains several security vulnerabilities. Multiple scripts (e.g., delete_post.py, save_draft.py, publish.py) explicitly disable SSL certificate verification using ssl._create_unverified_context(), which exposes the user to man-in-the-middle (MITM) attacks on the XML-RPC traffic that carries the CNBlogs credentials. Additionally, the test script tests/test_all.sh contains hardcoded credentials, including a MetaWeblog access token and username. While these appear to be developer oversights rather than intentional malice, the lack of input sanitization and weak transport security meet the criteria for a suspicious classification.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Impact: Anyone with the skill artifacts may see or use the embedded token, and running the included tests may authenticate as that account rather than as the installing user.
Description: The test script embeds a concrete CNBlogs username and access token rather than requiring the user to provide their own credential at runtime.
Evidence (tests/test_all.sh):
export CNBLOGS_USERNAME="suyang320"
export CNBLOGS_TOKEN="039893...7806A"
Recommendation: Remove the hardcoded token and username immediately, rotate the exposed CNBlogs MetaWeblog token, and require user-provided environment variables for all authenticated actions.
Impact: If a user or agent runs the test script, it could alter an existing CNBlogs article tied to the embedded credentials.
Description: The bundled test script performs a real update operation against a fixed post ID, not a dry-run or mock target.
Evidence (tests/test_all.sh):
python3 scripts/update_draft.py 19718794 test_article.md "OpenClaw,测试,更新"
Recommendation: Replace live-account tests with mocked API tests, or require an explicit user-supplied test post ID and confirmation before any mutation.
Impact: A network attacker could more easily intercept or tamper with API traffic, potentially exposing the blog token or changing post operations.
Description: The script disables TLS certificate verification for the XML-RPC calls that later send the CNBlogs username and token; the same pattern appears in several other scripts.
Evidence:
self.context = ssl._create_unverified_context()
Recommendation: Use default verified HTTPS certificate handling, and only add custom certificate configuration when strictly necessary and explicitly documented.
Impact: Users may trust the credential-handling claims and miss that the package actually ships with an embedded token.
Description: The documentation claims tokens are not hardcoded, but the provided tests/test_all.sh artifact contains a hardcoded CNBlogs token.
Evidence (documentation): "Store in environment variables; do not hardcode" (original: 使用环境变量存储,不硬编码)
Recommendation: Correct the documentation and artifacts so they match: remove embedded credentials, document the required environment variables in the metadata, and avoid making unsupported security claims.
Impact: The agent has documented permission to run pip3 commands even though no dependency installation is shown.
Description: Python execution is expected for this script-based skill, but pip3 access is broader than the provided standard-library implementation appears to require.
Evidence (metadata):
allowed-tools: Bash(python3:*), Bash(pip3:*)
Recommendation: Limit allowed tools to the commands needed for normal use, ideally Bash(python3:*) only, unless package installation is truly required.
