Baidu Pan Upload

Advisory

Audited by VirusTotal on Apr 23, 2026.

Overview

Type: OpenClaw Skill
Name: baidu-pan-upload-skill
Version: 1.1.0

The skill provides a legitimate utility for uploading files to Baidu Pan, supporting large-file chunking and resume functionality. The core logic in `scripts/upload.py` implements the standard Baidu Pan API flow (precreate, upload chunks via curl, and merge) and manages upload state locally in a `.upload_state.json` file. There is a minor coding error in the `precreate_file` function (it attempts to MD5 the remote path string rather than file content), but the resulting value is immediately deleted and the error has no security impact. The script invokes the system `curl` safely via subprocess list arguments, and no evidence was found of data exfiltration to unauthorized endpoints or of malicious prompt injection.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

You have less independent provenance information about who maintains the uploader.

Why it was flagged

The skill has limited provenance information. Because the code is included and the behavior is disclosed, this is a transparency note rather than a concern.

Skill content
Source: unknown; Homepage: none
Recommendation

Inspect the included script before running it, especially because it handles cloud credentials and local files.

What this means

Using the skill will run local Python code and curl, and will send the chosen file chunks to Baidu Pan.

Why it was flagged

The helper runs curl locally to upload chunks. This is central to the skill’s purpose and uses argument arrays rather than shell strings, but it is still local command execution.

Skill content
result = subprocess.run(['curl', '-s', '-X', 'POST', full_url, ... '-F', f'file=@{chunk_filepath}', ...])
Recommendation

Run it only in an environment where Python and curl are trusted, and confirm the local file path before invoking the upload.

What this means

A mistaken remote path or overwrite flag could change or replace files in the connected Baidu Pan account.

Why it was flagged

The skill can mutate Baidu Pan storage, including overwriting same-name files when the user supplies --overwrite. This is disclosed and purpose-aligned.

Skill content
| --overwrite | Overwrite files with the same name (off by default) |
Recommendation

Double-check the remote directory and avoid --overwrite unless replacement is intended.

What this means

Anyone who can read the .env file or token may be able to act on the connected Baidu Pan account within the token’s permissions.

Why it was flagged

The skill requires Baidu Pan API credentials to authorize uploads. This is expected for the integration, but it grants access to the linked account.

Skill content
An existing Baidu Pan Open Platform authorization (a valid access_token) is required; the .env file contains AccessToken, AppKey and SecretKey.
Recommendation

Protect the .env file, use the least-privileged Baidu app/token available, and revoke or rotate tokens if they are exposed.

What this means

The source directory may contain temporary upload metadata revealing file paths, remote paths, and upload identifiers if an upload is interrupted.

Why it was flagged

The uploader persists resume metadata beside the source file. It does not appear to store credentials, but it records local and remote file information and is reused for resume decisions.

Skill content
STATE_FILENAME = '.upload_state.json' ... 'local_file': os.path.abspath(local_file), ... 'remote_path': remote_path, 'upload_id': upload_id
Recommendation

Keep the source directory private and delete .upload_state.json if you want to reset or remove resume metadata.