K241单词上传
Warn. Audited by ClawScan on May 12, 2026.
Overview
The skill’s word-upload purpose is coherent, but it exposes a website password and gives the agent authority to change admin word records.
Install only if you are authorized to manage the K241 word site. Treat the embedded password as exposed, rotate it if real, and confirm every upload or admin update before allowing the agent to proceed.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone with the skill text can use the shared account, and the agent may make changes on the website under that identity.
The skill embeds a live-looking username/password and points to an admin page, while the metadata says there is no primary credential or required environment variable.
- Account: `mick` / Password: `vee`
- Admin page: `/admin_words.php`
Remove the hardcoded password, rotate the exposed credential, declare credentials properly, and require users to provide their own least-privileged login or token.
The agent could accidentally alter shared class vocabulary records or update the wrong word ID.
The instructions enable direct mutation of existing admin word records and ID enumeration, but do not clearly limit updates to user-approved records or require confirmation before changing existing data.
- `POST /admin_words.php ... action=update&word_id={id}&word={单词}&translation={翻译}&pinyin={拼音}` ... "or iterate over all the ids that `editWord(id)` refers to"
Require explicit user confirmation before every upload or update, avoid broad ID traversal, validate the target word ID carefully, and document a recovery or rollback process.
