Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Tsinghua Web Learning Automation (清华网络学堂自动化)

v1.0.0

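Automatically logs in to Tsinghua Web Learning, views to-do items, downloads courseware, submits assignments, and bulk-marks courseware as read, with support for unattended operation.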

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for tomuiv/tsinghua-learn.

Prompt preview (Install & Setup):
Install the skill "清华网络学堂自动化" (tomuiv/tsinghua-learn) from ClawHub.
Skill page: https://clawhub.ai/tomuiv/tsinghua-learn
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

openclaw skills install tsinghua-learn

ClawHub CLI

npx clawhub@latest install tsinghua-learn

Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)

Purpose & Capability
Overall the code implements the stated purpose (login, check todos, download files, submit/mark as read, Playwright-based supervised + auto login). Requesting a username/password and storing session cookies is expected for this functionality. However several files use hardcoded absolute paths (e.g., C:\Users\TOM\... and D:\testclaw\...) that do not align with the SKILL.md's described local layout and the rest of the scripts that use relative skill paths; this mismatch is unexpected and may cause files to be written/read outside the skill directory.
! Instruction Scope
SKILL.md claims the bot will 'automatically create credentials.json' and that credentials are asked interactively, but _config.load_credentials actually requires credentials.json to exist (it raises if missing). The skill persists session cookies, browser profile, and fingerprint data to disk and instructs the user to perform a one-time supervised browser trust step; this grants the skill long-lived access to the user's Learn account. Several scripts reference absolute system paths (both C:\ and D:\) which broaden the file I/O footprint beyond the declared skill directory. These behaviors go beyond a simple read-only 'helper' and include persistent state and sensitive data storage.
Install Mechanism
There is no formal install spec, but the bundle includes an install_playwright.py helper which runs 'python -m playwright install chromium' and will download browser binaries at runtime. Using Playwright is reasonable for browser automation, but it results in large external downloads and executable components being installed when scripts are run—something to be aware of.
! Credentials
The skill does not declare environment variables, but requires a plaintext credentials.json containing username/password. That is necessary for automated login but is high-risk: credentials are stored on disk in cleartext. Additionally, some modules reference a fingerprint file and session files at absolute locations (e.g., FINGERPRINT_FILE = 'D:\testclaw\learn_fingerprint.json' and SESSION_FILE = 'D:\testclaw\learn_session.json' inside learn_api.py), which is disproportionate and inconsistent with other scripts that use the skill's own sessions/ and profiles/ directories. This could cause sensitive data to be read from or written to unexpected system locations.
! Persistence & Privilege
The skill persistently stores cookies, XSRF tokens, browser profile data and fingerprint JSON and relies on those to perform 'unattended' logins. While this matches the stated unattended operation, it grants the skill ongoing access to the user's account and a long-lived credential-like artifact on disk. always:false (normal), but autonomous invocation plus persistent session files increases the blast radius if the skill or host is compromised. The SKILL.md also enforces a single profile directory (profiles/learn_profile/) and forbids scattering files elsewhere, but the code's absolute paths violate that.
What to consider before installing
Key points to consider before installing or running this skill:

- Sensitive data storage: The skill expects your Learn credentials and stores them in credentials.json in cleartext. If you provide your real student account, those credentials will exist on disk and could be read by other processes or backups. Consider using a dedicated/throwaway account instead of your primary account.
- Persistent cookies & unattended access: The scripts persist session cookies, a browser Profile, and fingerprint info so the skill can operate without you. That gives long-lived access to your Learn account. If you stop trusting the skill, you must remove credentials.json, sessions/*.json, and the profiles/ directory to revoke access.
- Mixed/absolute paths: Several scripts reference absolute Windows paths (C:\Users\TOM\..., D:\testclaw\...), while others use relative skill paths. This is a packaging bug but also a risk: data may be written to or read from unexpected locations. Before running, inspect and correct these paths so all state stays inside the skill folder (sessions/, profiles/). Grep for 'D:\' and 'C:\Users\TOM' and fix them.
- Playwright download: Running the included install_playwright.py or the Playwright-based login scripts will download Chromium via Playwright. This is expected but will pull binaries from the internet.
- SKILL.md vs code mismatch: The documentation claims the bot will create credentials.json automatically; in reality _config.load_credentials errors if the file is missing. You will likely need to create credentials.json manually or modify code to prompt securely.

Practical steps:

1) Do not run this on a machine with sensitive data or on a production account. Prefer a VM/container or an isolated test account.
2) Inspect and (preferably) edit credentials.json handling: remove hardcoded paths, ensure the file lives under the skill directory, and consider encrypting the credentials if you must store them.
3) After any run, delete credentials.json, sessions/learn_session.json, profiles/learn_profile/ and any fingerprint files to revoke persistent access.
4) If you are not comfortable editing code, do not provide your primary account credentials—use a separate account.
5) If possible, prefer a supervised workflow (run login_supervised.py once interactively) and then delete credentials.json and profile data once session is established; or avoid unattended operation entirely.

Because of the packaging inconsistencies and the risk of long-lived credential artifacts, treat this skill as suspicious until the absolute-path issues are resolved and credential handling is hardened.
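
The absolute-path check recommended above can be made more precise than a plain grep. The following is an added example, not code from the skill or from the ClawHub scanner: it flags drive-letter paths only where they occur in Python string literals, so comments and URLs are ignored. The function names `find_absolute_paths` and `audit_tree` are hypothetical, and the sample input is constructed from the constants quoted in the scan.

```python
import io
import re
import tokenize
from pathlib import Path

# Drive-letter absolute path as written in source (C:\..., D:\\..., D:/...).
# The lookbehind keeps URL schemes such as "http://" from matching.
DRIVE_PATH = re.compile(r"(?<![A-Za-z])[A-Za-z]:[\\/][^'\"]*")
STRING_TOKENS = {tokenize.STRING, getattr(tokenize, "FSTRING_MIDDLE", tokenize.STRING)}

def find_absolute_paths(source, filename="<source>"):
    """Return (filename, line, path) for each string literal holding a drive-letter path."""
    findings = []
    for tok in tokenize.generate_tokens(io.StringIO(source).readline):
        if tok.type not in STRING_TOKENS:
            continue  # comments and identifiers are not where state gets written
        match = DRIVE_PATH.search(tok.string)
        if match:
            # Collapse escaped backslashes so 'D:\\x' and r'D:\x' report the same path.
            findings.append((filename, tok.start[0], match.group(0).replace("\\\\", "\\")))
    return findings

def audit_tree(root):
    """Scan every *.py under root; files that cannot be read or tokenized are reported."""
    findings, errors = [], []
    for path in sorted(Path(root).rglob("*.py")):
        try:
            findings += find_absolute_paths(path.read_text(encoding="utf-8"), str(path))
        except (OSError, UnicodeDecodeError, SyntaxError, tokenize.TokenError) as exc:
            errors.append((str(path), repr(exc)))
    return findings, errors

# Constructed sample modelled on the constants quoted in the scan; not the skill's real file.
SAMPLE = r'''
FINGERPRINT_FILE = r'D:\testclaw\learn_fingerprint.json'
SESSION_FILE = 'D:\\testclaw\\learn_session.json'
PROFILE_DIR = os.path.join(SKILL_DIR, 'profiles', 'learn_profile')
LOGIN_URL = 'https://learn.tsinghua.edu.cn/'
# old location C:\Users\TOM\... (a comment, so not flagged)
'''

if __name__ == "__main__":
    for name, line, path in find_absolute_paths(SAMPLE, "learn_api.py"):
        print(f"{name}:{line}: hardcoded absolute path {path}")
```

Running `audit_tree` on the unpacked skill directory before first use lists every literal that needs to be moved under sessions/ or profiles/; an empty findings list with an empty errors list is the condition to aim for.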

Like a lobster shell, security has layers — review code before you run it.

latestvk97ddy3y6550vc9d5xwyvyrwkn85h2tc
52 downloads
1 star
1 version
Updated 2d ago
v1.0.0
MIT-0

tsinghua-learn skill

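Automation assistant for Tsinghua Web Learning (learn.tsinghua.edu.cn): from logging in and viewing to-dos to downloading courseware and submitting assignments, everything can be done through conversation.


If you are a human, be sure to read the following before first use

This skill provides a fully automated assistant for Tsinghua Web Learning: from logging in and viewing to-dos to downloading courseware and submitting assignments, everything can be done through conversation. On first use you only need to provide your student ID and password; after that it runs completely unattended.

What it can do:

  • View to-dos: automatically pulls unread messages for all courses this semester (assignments/announcements/courseware/discussions/Q&A/questionnaires) and displays them sorted by deadline and course, so you no longer have to open each one by hand
  • Download courseware: specify the course name and the courseware is sent automatically to the current conversation; after the download, the local temporary files are precisely removed, leaving no trace
  • Submit assignments: send the assignment file directly to the bot, and it automatically renames it in the specified format (e.g. name + student ID) and submits it, sparing you the tedious web upload process
  • Bulk mark as read: mark the unread courseware of all courses as read with one click

How it works:

The first run requires completing one browser verification manually (click "是的,我信任浏览器", i.e. "Yes, I trust this browser"); after that, all credentials and the browser fingerprint are saved locally. All subsequent operations are performed automatically by the bot, with no need to verify again.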


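0. Location Rules (Iron Law)

All scripts related to Web Learning must be written under the skills/tsinghua-learn/ directory; scattering them to any other location is forbidden.

Forbidden locations: the workspace root directory, buffer/, and other skill directories.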


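1. File Structure

skills/tsinghua-learn/
├── SKILL.md                        ← this document
├── credentials.json                ← account and password (created automatically by the bot; no manual action needed from the user)
│
├── scripts/
│   ├── _config.py                  ← credential and path loader (shared by all scripts)
│   ├── learn_api.py                ← wrappers for all HTTP APIs (see the comments in the file)
│   ├── login_supervised.py         ← supervised: first-time Profile setup + 2FA
│   ├── login_auto.py               ← unattended: day-to-day use, renews automatically when the Session expires
│   ├── todos_api.py                ← view to-dos: default version (pure API, parallel requests)
│   ├── todos_dom.py                ← view to-dos: fallback version (Playwright DOM)
│   ├── download_and_send_kj.py     ← download courseware + send + precise deletion
│   ├── mark_kj_read.py             ← bulk-mark courseware as read
│   └── install_playwright.py       ← Chromium browser installation
│
├── sessions/
│   └── learn_session.json          ← Session file (JSESSIONID + CSRF)
│
└── profiles/
    └── learn_profile/              ← fixed browser Profile (persistent cookies)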

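2. Account Configuration (First Use)

The bot proactively asks the user for their student ID and password, then writes them to credentials.json automatically once configured. After that, all scripts read the file automatically and no repeated action is needed.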


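3. Dual-Script Login Architecture

3.1 Supervised

Used for first-time configuration or when the Session has completely expired. A browser window pops up; if 2FA (WeCom/SMS) is triggered, manual verification is required.

3.2 Unattended (auto), the default

Used for day-to-day calls. When the Session is valid it returns immediately (<100ms); when it has expired, it renews automatically using the fixed Profile, with no manual intervention.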


4. Fallback Strategy

todos_api.py / todos_dom.py
  → Session invalid → login_auto.py (automatic renewal)
  → Profile missing → login_supervised.py (manual 2FA)
  → Chromium not installed → install_playwright.py

login_auto.py
  → Session invalid → login_supervised.py

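5. Criteria for Unread/Unprocessed Items

| Module | API field | Filter condition |
| --- | --- | --- |
| Assignments | zt | zt == "未交" ("not submitted") → to be submitted |
| Announcements | sfyd | sfyd == "否" ("no") → unread ("是" ("yes") = read) |
| Courseware | isNew | isNew == 1 → unread |
| Discussion/Q&A | htsl | htsl > 0 → has new replies |
| Questionnaires | Global API | pageListWks returns the number of uncompleted questionnaires |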

Last updated: 2026-04-26
