HSCIQ MCP - Customs Code Lookup

Advisory. Audited by static analysis on May 12, 2026.

Overview

Detected: suspicious.env_credential_access

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent could create a consultation record and send product details or images to HSCIQ and its human reviewers before the user clearly confirms that external submission is intended.

Why it was flagged

The instructions tell the agent to automatically submit product information and images to create an external consultation form when the AI is uncertain, without an explicit approval checkpoint.

Skill content
→ Call create_guilei_form, automatically submit the product information and images, and generate a classification consultation form
Recommendation

Require explicit user confirmation before calling create_guilei_form, uploading images, posting discussion messages, or using any paid/consultation-related option; show the destination and exact fields/files first.

What this means

Anyone with access to the configured API key may be able to use the user's HSCIQ account capabilities exposed by the API, including viewing or creating consultation-related data.

Why it was flagged

The client uses the stored HSCIQ API key as delegated account authority for tool calls, which is expected for the service but sensitive.

Skill content
headers: { 'Content-Type': 'application/json', 'X-API-Key': CONFIG.apiKey }
Recommendation

Use a dedicated HSCIQ API key, store it only in trusted local config or environment variables, and rotate it if exposed.

What this means

Product images and related business details may leave the local device and be shared with the HSCIQ provider and human classification experts.

Why it was flagged

The client reads selected local image files, base64-encodes them, and includes them in the API call for consultation creation.

Skill content
const data = fs.readFileSync(imgPath); ... data: data.toString('base64')
Recommendation

Upload only files the user intentionally selected and is comfortable sharing externally; avoid confidential images or private documents.

Findings (1)

critical

suspicious.env_credential_access

Location
hsciq-client.js:9
Finding
Environment variable access combined with network send.