ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Byted Vefaas Skills

v1.0.0

Deploy and manage serverless applications on Volcengine veFaaS. Use when the user wants to deploy web apps, manage functions (pull code, upload and deploy),...

0· 38·0 current·0 all-time
by@volcengine-skills
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description align with the instructions and cookbooks: all commands are about installing and using the veFaaS CLI to deploy and manage functions, set env vars, pull/push code, and view configs.
Instruction Scope
The SKILL.md and cookbooks instruct running many vefaas CLI commands (login, deploy, env import, pull, inspect) and reading/writing local files (.vefaas/config.json, ~/.vefaas/logs/, .env). This is expected for a deployment CLI, but the docs explicitly recommend importing .env files and note debug logs include full JSON responses — both can expose secrets if mishandled. Also the SKILL metadata does not declare the environment variables that the docs recommend using.
!
Install Mechanism
There is no registry install spec; the SKILL.md recommends running npm i -g against a direct tarball URL (https://vefaas-cli.tos-cn-beijing.volces.com/volcengine-vefaas-latest.tgz). Installing an npm package from an arbitrary tarball executes remote code and is higher risk than installing from a well-known registry or verified release host. The tarball host appears vendor-specific but the package origin is not verifiable from the skill metadata (no homepage/source).
!
Credentials
Skill metadata declares no required env vars, yet the docs reference VOLC_ACCESS_KEY_ID, VOLC_SECRET_ACCESS_KEY, VOLC_SESSION_TOKEN and provide AK/SK login examples. The CLI saves credentials to ~/.vefaas/auth.json and debug logs are said to include full JSON API responses — this combination increases the risk that secrets are stored or logged locally. The credential requests are proportionate to the stated purpose, but the metadata mismatch and potential for sensitive data in logs/configs are notable.
Persistence & Privilege
The CLI stores config and auth in ~/.vefaas/ and project-level .vefaas/config.json; always=false (no forced global inclusion). Persisting credentials/config is normal for a CLI, but users should be aware credentials and full debug output may be written to disk.
What to consider before installing
This skill appears to be a normal guide for the Volcengine veFaaS CLI, but there are a few red flags you should consider before installing or running its commands: - Source provenance: the skill gives an npm tarball URL rather than a GitHub release or well-known package registry and the registry metadata has no homepage or source. Verify the install URL with an official Volcengine/veFaaS page before running it. - Installing risk: npm i -g <tarball> will execute code from that tarball. If you can't confirm the origin, avoid installing globally on your main machine; consider using an isolated environment (container/VM) or inspecting the tarball contents first. - Credentials and secrets: the docs instruct uses of VOLC_ACCESS_KEY_ID/VOLC_SECRET_ACCESS_KEY, SSO, and importing .env files. Expect credentials to be stored under ~/.vefaas/auth.json and debug logs to contain full API responses — review and secure those files and avoid importing files that contain unnecessary secrets. - Least privilege: if you must use AK/SK, create keys with minimal privileges (not root/admin) and rotate them after use. - Audit logs/config: after use, inspect ~/.vefaas/ (logs and auth.json) and remove any sensitive files you don't want persisted. Prefer SSO or short-lived STS tokens where possible. If you cannot verify the install URL or vendor provenance, do not install globally on a trusted host.

Like a lobster shell, security has layers — review code before you run it.

latestvk9741h3se79gxaas9emwjz6mkn83xw9g

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments