Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
polyv-live-cli
v1.0.5
Manage Polyv live-streaming services, including channel management, push-stream operations, product management, coupons, playback, documentation and statistics. Use when the user needs to manage live channels, configure push-stream settings, manage products, handle coupons, view live-stream data, or manage playback recordings.
⭐ 0 · 145 · 0 current · 0 all-time
by NEE@terryso
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
Name, description and the included reference docs consistently describe a CLI for managing Polyv (channels, streams, products, coupons, playback, stats, etc.). The commands shown (npx polyv-live-cli ...) match the stated purpose.
Instruction Scope
The SKILL.md explicitly instructs the agent to run npx polyv-live-cli@latest commands and to prompt the user for AppID/AppSecret (or use env vars). All instructions stay within the domain of managing the Polyv service; there are no instructions to read unrelated host files or to exfiltrate data. However, the runtime behavior includes obtaining and executing remote code via npx and collecting credentials from the user, which expands the runtime trust surface.
Install Mechanism
There is no bundled install spec, but the allowed-tools and all commands use 'npx polyv-live-cli@latest'. That causes npx to fetch and execute code from the npm registry at runtime. The skill metadata lists no homepage/source URL and the package origin is unknown — running @latest without validation is risky. Using npx is common for CLIs, but unpinned @latest execution and lack of a verifiable homepage/source is a notable risk.
Credentials
The skill asks for AppID/AppSecret (and references POLYV_APP_ID / POLYV_APP_SECRET) which are appropriate for a live-management CLI. The manifest declares no required env vars, but the docs describe multiple authentication sources (CLI flags, env vars, session account, config directory). This is coherent, but users should be aware they will be asked to supply secrets and that the CLI stores credentials locally (references a ~/.npx polyv-live-cli@latest/ config path).
Persistence & Privilege
The skill is instruction-only, always:false, and does not request persistent platform privileges. It does not attempt to modify other skills or global agent settings. The only persistence implied is the CLI's own credential/config storage on the host (described in docs), which is expected for a CLI tool.
What to consider before installing
This skill is internally consistent: it documents a CLI for Polyv live-management and tells the agent how to use it. Before installing/using it, consider the following:
- The runtime instructions run 'npx polyv-live-cli@latest', which will fetch and execute code from npm (@latest) on demand. Fetching and running unreviewed remote packages is a security risk. Prefer to audit the npm package (check publisher, package page, repository, recent versions) before allowing execution.
- The skill’s metadata lacks a homepage/source; that increases risk. If you need this functionality, prefer obtaining the official polyv-live-cli package from a verified source, pin a specific version (not @latest), or install it yourself and run locally.
- The agent will ask for AppID/AppSecret (or accept env vars). Never paste high-privilege credentials into an agent you don't fully trust. If possible, use a scoped/test account with limited permissions, or supply credentials via secure CI secrets or an audited config file under your control.
- If you allow the agent to run these commands, monitor the credential storage location (~/.npx polyv-live-cli@latest/ per docs) and rotate keys if you later suspect misuse.
If you want, I can: (1) look up the npm package page and repository (if you provide the package name/URL), (2) produce a checklist of steps to safely run these commands locally instead of letting the agent run them, or (3) suggest safer alternatives (pinning version, manual install, running in isolated environment).
