Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
tencentcloud-tke-skill
v1.0.0 · Full-stack operations expert for Tencent Cloud TKE container service; supports cluster management, K8s resource operations, Pod troubleshooting, Helm deployment, and TCR image registry management
⭐ 0 · 56 · 0 current · 0 all-time
by Tencent Open Source (@tencent-adm)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name and description describe a Tencent Cloud TKE + Kubernetes operator, and the included Python tools (tke_cli.py, k8s_cli.py) implement that functionality. However, the registry metadata declares no required env vars or binaries, while the SKILL.md and the code clearly require TENCENTCLOUD credentials, a kubeconfig (via KUBECONFIG or ~/.kube/config) and external binaries (kubectl, helm). The missing declarations are an inconsistency.
Instruction Scope
SKILL.md instructs the agent to run the included Python scripts via Bash and to read environment variables and kubeconfig files. k8s_cli.py will search KUBECONFIG and ~/.kube/config and can fetch kubeconfig via tke_cli.py. Those behaviors are expected for this tool, but the instructions allow access to local kubeconfig files and environment variables that are not declared in the registry metadata, increasing the risk of accidental credential exposure.
Install Mechanism
No install spec (instruction-only) is provided; risk from installation is low. The skill does include code files that will be executed by the agent (Python scripts) but there are no downloads or archive extracts referenced. Users should still review the code before running.
Credentials
The code requires sensitive credentials (TENCENTCLOUD_SECRET_ID and TENCENTCLOUD_SECRET_KEY) and access to kubeconfig files (which can contain cluster credentials). Those requests are proportionate to the stated purpose, but the registry metadata lists no required env vars — a discrepancy that can mislead users and cause them to supply high-privilege secrets unknowingly. Also, kubectl/helm usage implies the ability to modify cluster state (including creating/deleting resources and exec'ing into pods).
Persistence & Privilege
The skill is not marked always:true and does not request persistent platform-level privileges. It creates temporary kubeconfig files with restrictive file permissions (0o600) when fetching them from the TKE API. There is no evidence that it modifies other skills or system-wide agent settings.
What to consider before installing
This skill appears to implement a legitimate TKE + Kubernetes CLI, but the registry metadata fails to declare the sensitive credentials and required binaries the scripts use. Before installing:
1) Review the two Python files (tke_cli.py, k8s_cli.py) yourself, or have a trusted reviewer confirm there are no hidden network endpoints or exfiltration logic.
2) Only provide Tencent Cloud credentials with least privilege (scoped, temporary if possible); avoid using your root/owner keys.
3) Be aware the tool will read KUBECONFIG and ~/.kube/config (these contain cluster admin credentials); consider using a dedicated kubeconfig with limited rights.
4) Ensure kubectl and helm are the versions you expect, and run the tool in an isolated environment if possible.
5) Ask the author/maintainer to update the skill manifest to declare the required env vars (TENCENTCLOUD_SECRET_ID/TENCENTCLOUD_SECRET_KEY) and mention the required binaries (kubectl, helm, python) so the metadata accurately reflects runtime needs.
