Skillv1.0.0

ClawScan security

云手机运管平台操作 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 3, 2026, 4:10 PM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary: The skill's instructions and requirements match its stated purpose (automating browser navigation and asking the user to place downloaded files into a workspace) but it targets an internal domain and assumes a specific workstation layout, so review before use.
Guidance: This skill appears to do what it says (drive a browser to your internal vcloud admin UI and help you download instance logs), but take these precautions before installing or using it: - Confirm you are authorized to access the internal domain (https://vcloud-admin.bytedance.net). The skill assumes an authenticated browser session; it will not provide credentials. - Be careful which files you download and copy into the workspace: instance logs can contain sensitive information. Only copy files you intend the agent to read. - Verify the workspace path (/Users/bytedance/.openclaw/workspace/) matches your environment; if not, change it or refuse to copy sensitive files there. - Because browser download dialogs and OS-level UI require manual interaction, expect the skill to prompt you for steps rather than fully automate them. - If you have concerns about exposing production data, perform these steps on a controlled/test instance or scrub logs before copying them into the workspace. Confidence is medium because the skill targets an internal service and has no source/homepage; these are explainable but worth verifying with your organization before use.

Review Dimensions

Purpose & Capability: okThe name/description match the runtime instructions: open the vcloud admin web UI, search instance IDs, open details, and guide the user to download logs. No unrelated binaries, installs, or credentials are requested. One note: the skill assumes an authenticated browser session (it does not request credentials) and a hard-coded workspace path (/Users/bytedance/.openclaw/workspace/), which ties it to a specific environment.
Instruction Scope: noteSKILL.md stays narrowly scoped to browser actions and guiding the user to download files and copy them into the workspace for the agent to read. It explicitly acknowledges UI and download limitations and asks the user to perform manual steps. Warning: it instructs downloading arbitrary file paths from instances (e.g., /data/misc/logd/logcat); those files may contain sensitive data and will be read by the agent once placed in the workspace.
Install Mechanism: okInstruction-only skill with no install steps or external downloads. Lowest install risk.
Credentials: noteNo environment variables, credentials, or config paths are requested, which is proportional for a browser-driven helper. However, the skill targets an internal Bytedance domain (vcloud-admin.bytedance.net) and hardcodes a local workspace path tied to a Bytedance user account. There is no explanation of how authentication to the internal site is handled (it implicitly requires an authenticated browser session).
Persistence & Privilege: okSkill is user-invocable, not always-enabled, and does not request elevated persistence or modify other skills/config. Autonomous invocation is allowed by platform default but not flagged here because it is not combined with broad credentials or other red flags.