Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
tke skill
v0.1.0 · Tencent Cloud TKE container service operations expert: supports cluster inspection, status queries, node pool management, kubeconfig retrieval, and more
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence

Purpose & Capability
Name/description match the code and SKILL.md: the included tke_cli.py and instructions implement TKE cluster listing, status, endpoint and kubeconfig operations. However the registry metadata claims no required env vars/credentials while both SKILL.md and the CLI require TENCENTCLOUD_SECRET_ID / TENCENTCLOUD_SECRET_KEY (or --secret-id / --secret-key). That mismatch is an inconsistency that should be fixed.
Instruction Scope
SKILL.md confines runtime instructions to running the included tke_cli.py via Bash to call Tencent Cloud TKE APIs. It documents which commands are read-only and which (create-endpoint/delete-endpoint) are write operations. There are no instructions to read unrelated host files or call external endpoints beyond Tencent Cloud APIs.
Install Mechanism
No install spec (instruction-only) which reduces installer risk, but README and SKILL.md require the third‑party Python dependency tencentcloud-sdk-python-tke (pip). The package requirement is expected for this purpose, but the skill does not auto-install it — operators must run pip themselves. No downloads or unknown URLs are embedded in the skill files.
Credentials
The code and SKILL.md expect Tencent Cloud credentials (TENCENTCLOUD_SECRET_ID / TENCENTCLOUD_SECRET_KEY or CLI args), which is appropriate for TKE management. But the registry metadata incorrectly lists no required env vars or primary credential. Also the skill's allowed-tools include Write and Bash: writing kubeconfig or other output to disk is reasonable for this tool, but it means secrets or long-lived kubeconfigs could be persisted. The metadata omission makes it unclear to users and agent permission systems which secrets will be accessed.
Persistence & Privilege
always:false (not force-included) and autonomous invocation not disabled (default) — expected for a skill. The skill does not request system‑wide config paths or attempt to modify other skills. It may write kubeconfig/output when run, which is consistent with its purpose but should be treated carefully.
What to consider before installing
This skill implements legitimate Tencent Cloud TKE operations, but the package metadata failed to declare that it requires Tencent Cloud credentials (TENCENTCLOUD_SECRET_ID and TENCENTCLOUD_SECRET_KEY). Before installing:

1) Confirm you are comfortable providing Tencent Cloud credentials; prefer short-lived or least-privilege keys.
2) Ensure the agent's skill sandbox will not leak env vars or copy secrets into logs or shared outputs.
3) Manually inspect the full tke_cli.py (the file is mostly visible; verify the truncated tail contains no unexpected network calls or exec).
4) Install the dependency (pip install tencentcloud-sdk-python-tke) in a controlled environment.
5) If you want the agent to run this skill, consider passing credentials only via CLI args for single-use runs, or use temporary credentials, and avoid storing long-lived secrets in the agent environment.

The metadata author should be asked to update the skill to declare required env vars and document credential handling.
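The two findings above, undeclared credential reads (Purpose & Capability, Credentials) and the request to inspect tke_cli.py for unexpected network calls or exec (step 3), can be turned into a mechanical pre-install check. The following script is an added example written for this page; it is not ClawHub's scanner and not code from the tke skill. It parses a Python skill CLI with the standard `ast` module, lists the environment variables the code reads, diffs them against the env vars the registry metadata declares, and reports exec/eval/subprocess-style calls and URL literals whose host is outside an allow-list. The sample source, the metadata dict, the allow-list suffixes and the `audit` function are all constructed for the example; the real tke_cli.py and the real metadata format are not reproduced here.

```python
"""Static pre-install audit of an agent-skill CLI (added example, not the skill's code)."""
import ast
import re
from urllib.parse import urlparse

# Constructed stand-in for a skill CLI. It reads the same two env vars the
# scan report names, but it is NOT the real tke_cli.py.
SAMPLE_SOURCE = '''
import os
from tencentcloud.common import credential

def build_credential(args):
    sid = args.secret_id or os.environ.get("TENCENTCLOUD_SECRET_ID")
    skey = args.secret_key or os.getenv("TENCENTCLOUD_SECRET_KEY")
    return credential.Credential(sid, skey)

def endpoint():
    return "https://tke.tencentcloudapi.com"
'''

# Constructed stand-in for registry metadata that declares no env vars,
# mirroring the mismatch the scan report describes.
SAMPLE_METADATA = {"name": "tke", "env": [], "primaryCredential": None}

# Assumed allow-list: hosts the skill is expected to talk to.
ALLOWED_HOST_SUFFIXES = (".tencentcloudapi.com", ".tencentcloud.com")
# Call targets a reviewer wants surfaced regardless of context.
RISKY_CALLS = {"exec", "eval", "os.system", "os.popen",
               "subprocess.run", "subprocess.Popen", "subprocess.call"}


def _dotted(node):
    """Return 'a.b.c' for a Name/Attribute chain, or None for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None


def _const_str(node):
    """String value of a constant node, else None."""
    if isinstance(node, ast.Constant) and isinstance(node.value, str):
        return node.value
    return None


def env_vars_read(source):
    """Env var names read via os.environ[...], os.environ.get(...) or os.getenv(...)."""
    names = set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Subscript) and _dotted(node.value) == "os.environ":
            sl = node.slice
            if isinstance(sl, getattr(ast, "Index", ())):  # Python 3.8 wraps the key
                sl = sl.value
            key = _const_str(sl)
            if key:
                names.add(key)
        elif isinstance(node, ast.Call):
            fn = _dotted(node.func)
            if fn in ("os.environ.get", "os.getenv") and node.args:
                key = _const_str(node.args[0])
                if key:
                    names.add(key)
    return names


def risky_calls(source):
    """(callee, line) for every call whose dotted target is in RISKY_CALLS."""
    return [(_dotted(n.func), n.lineno) for n in ast.walk(ast.parse(source))
            if isinstance(n, ast.Call) and _dotted(n.func) in RISKY_CALLS]


def foreign_urls(source):
    """URL string literals whose host does not end with an allowed suffix."""
    out = []
    for node in ast.walk(ast.parse(source)):
        s = _const_str(node)
        if s and re.match(r"https?://", s):
            host = urlparse(s).hostname or ""
            if not host.endswith(ALLOWED_HOST_SUFFIXES):
                out.append(s)
    return out


def audit(source, metadata):
    """Compare what the code accesses with what the registry metadata declares."""
    read = env_vars_read(source)
    declared = set(metadata.get("env") or [])
    return {
        "env_read": sorted(read),
        "undeclared_env": sorted(read - declared),   # the metadata mismatch
        "risky_calls": risky_calls(source),
        "foreign_urls": foreign_urls(source),
    }


if __name__ == "__main__":
    for key, value in audit(SAMPLE_SOURCE, SAMPLE_METADATA).items():
        print(f"{key}: {value}")
```

Run it against the real file with `audit(open("tke_cli.py").read(), metadata)`; a non-empty `undeclared_env` is exactly the inconsistency flagged above, and anything in `risky_calls` or `foreign_urls` is where to start reading the truncated tail by hand. The check is deliberately syntactic: it will miss env reads built from non-literal keys or hidden behind `getattr`, so it narrows the manual review rather than replacing it.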
latest: vk9767xjwybsk437v85w3636vyx82r0cy
