Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

SCNet Chat

v2.0.12

Manage the SCNet Chat supercomputing platform through natural-language interaction, with support for region switching, user information lookup, account balance queries, job management and file management.

by 孙金刚 (@wiltonmotta)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill's stated purpose (managing SCNet HPC resources) legitimately requires SCNet credentials and access to the platform's APIs. However, the registry metadata lists no required environment variables or config paths, while the SKILL.md and code clearly require a ~/.scnet-chat.env file containing SCNET_ACCESS_KEY, SCNET_SECRET_KEY and SCNET_USER. That mismatch (metadata claims no secrets or config; code requires them) is incoherent and could lead users to supply credentials outside the expected platform flows.
Instruction Scope
Runtime instructions and code read ~/.scnet-chat.env, create cache files in the user's home directory (e.g. ~/.scnet-chat-cache-<user>.json), and auto-initialize or refresh that cache, which triggers network calls to SCNet endpoints. The scripts spawn subprocesses to run other included Python modules (subprocess.run is used to invoke internal scripts). All of these actions are consistent with the stated functionality, but the automatic cache initialization performs network calls with the supplied credentials and writes local token cache files without any additional prompt.
Install Mechanism
There is no formal install spec in the registry (the metadata marks the skill as instruction-only), but the package contains multiple Python modules, and the SKILL.md recommends installing aiohttp via pip. Because that code is bundled with the skill and executed locally, users should review the included source before running it; the absence of an install script reduces supply-chain exposure but does not remove the need to inspect the code.
Credentials
The code requires SCNET_ACCESS_KEY, SCNET_SECRET_KEY and SCNET_USER stored in ~/.scnet-chat.env (the secrets are used to request tokens). Those credentials are proportional to the purpose, but the registry metadata does not declare any required env vars or config paths, so the skill will ask for and consume secrets that are not advertised in its listing. This omission reduces transparency and could cause users to place credentials in a local file without platform-managed safeguards.
Persistence & Privilege
The skill does not request always:true, does not alter other skills, and only writes local cache/config files in the user's home directory. It can be invoked autonomously by the agent (platform default), but that is expected for skills and is not by itself flagged here.
What to consider before installing
Before installing or running this skill:
(1) Inspect the source files bundled with the skill to confirm their behavior.
(2) You must create ~/.scnet-chat.env containing your SCNET_ACCESS_KEY, SCNET_SECRET_KEY and SCNET_USER; the registry listing does not declare these secrets, so the skill reads credentials from your home directory rather than from platform-managed secret fields.
(3) The skill creates token cache files (e.g. ~/.scnet-chat-cache-<user>.json) and auto-initializes that cache, making HTTPS requests to api.scnet.cn / www.scnet.cn, as soon as it runs; run it in an isolated environment if you are unsure.
(4) Restrict the config file's permissions (chmod 600 ~/.scnet-chat.env) and avoid placing long-lived sensitive credentials in locations with broad access.
(5) The code uses subprocess.run to execute the included scripts (not arbitrary shell input), makes network calls to SCNet domains, and decodes JWTs; all of this is expected for the functionality, but review it to confirm there are no unexpected endpoints or behaviors.
(6) If you expect the platform to manage credentials, ask the author to update the registry metadata to declare the required env/config and, preferably, to support platform secret storage instead of an unadvertised home-directory config file.
If anything is unclear, or you cannot verify the repository origin (repo URL in SKILL.md: https://github.com/wiltonMotta/scnet-chat), treat the skill as untrusted until provenance and metadata are corrected.
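An added pre-install audit covering steps (1), (3), (4) and (5) above, written for this page and not part of the SCNet Chat skill or the ClawHub scanner: it parses every .py file under a skill directory, lists each host named in a string literal and flags any that is not api.scnet.cn or www.scnet.cn, records every subprocess/eval/exec call site for manual review, and checks that the ~/.scnet-chat.env file is not group- or world-readable. The two source files it audits (client.py and helper.py) are constructed samples written here to exercise the checks, with an example.org host deliberately planted in helper.py; they are not the skill's actual code.

```python
"""Pre-install audit for a bundled Python skill (added example, not the skill's own code)."""
import ast
import os
import re
import stat
import tempfile
from pathlib import Path
from urllib.parse import urlparse

# Hosts the scan report above says the skill is expected to contact.
EXPECTED_HOSTS = {"api.scnet.cn", "www.scnet.cn"}
# Call sites worth reading by hand. subprocess.run is expected for this skill,
# but every occurrence should still be located and checked for fixed arguments.
SENSITIVE_CALLS = {"subprocess.run", "subprocess.Popen", "os.system", "eval", "exec"}
URL_RE = re.compile(r"https?://[^\s'\"<>]+")


def _dotted_name(node):
    """Return 'pkg.attr' for a Name/Attribute chain such as subprocess.run, else None."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None


def audit_source(skill_dir):
    """Parse every *.py under skill_dir; return hosts seen, unexpected hosts, sensitive calls."""
    hosts, calls = {}, []
    for path in sorted(Path(skill_dir).rglob("*.py")):
        try:
            tree = ast.parse(path.read_text(encoding="utf-8"), filename=str(path))
        except SyntaxError as exc:
            calls.append((path.name, 0, f"unparseable: {exc}"))
            continue
        for node in ast.walk(tree):
            if isinstance(node, ast.Constant) and isinstance(node.value, str):
                for url in URL_RE.findall(node.value):
                    host = urlparse(url).hostname
                    if host:
                        hosts.setdefault(host, []).append(f"{path.name}:{node.lineno}")
            elif isinstance(node, ast.Call):
                name = _dotted_name(node.func)
                if name in SENSITIVE_CALLS:
                    calls.append((path.name, node.lineno, name))
    return {
        "hosts": hosts,
        "unexpected_hosts": sorted(h for h in hosts if h not in EXPECTED_HOSTS),
        "sensitive_calls": calls,
    }


def check_env_file_mode(env_path):
    """Return (ok, mode). ok is True only if the file exists with no group/other permission bits."""
    p = Path(env_path)
    if not p.exists():
        return False, "missing"
    mode = stat.S_IMODE(p.stat().st_mode)
    return (mode & 0o077) == 0, oct(mode)


# Constructed sample sources: NOT the real skill. helper.py deliberately contacts an
# unexpected host so the audit has something to flag.
SAMPLE_CLIENT = '''\
import subprocess
TOKEN_URL = "https://api.scnet.cn/example-path"  # constructed placeholder path
def refresh_cache():
    subprocess.run(["python", "cache_init.py"], check=True)
'''
SAMPLE_HELPER = '''\
import urllib.request
def ping():
    urllib.request.urlopen("https://example.org/collect")
'''


def run_demo():
    """Write the constructed sample skill and a config file to a temp dir and audit them."""
    with tempfile.TemporaryDirectory() as tmp:
        skill = Path(tmp) / "scnet-chat"
        skill.mkdir()
        (skill / "client.py").write_text(SAMPLE_CLIENT, encoding="utf-8")
        (skill / "helper.py").write_text(SAMPLE_HELPER, encoding="utf-8")
        env = Path(tmp) / ".scnet-chat.env"
        env.write_text("SCNET_ACCESS_KEY=placeholder\n", encoding="utf-8")
        os.chmod(env, 0o644)            # the mistake: readable by every local user
        loose = check_env_file_mode(env)
        os.chmod(env, 0o600)            # what step (4) asks for
        tight = check_env_file_mode(env)
        return audit_source(skill), loose, tight


if __name__ == "__main__":
    report, loose, tight = run_demo()
    for host, where in report["hosts"].items():
        tag = "ok" if host in EXPECTED_HOSTS else "UNEXPECTED"
        print(f"{tag:10} {host:20} {', '.join(where)}")
    for fname, line, call in report["sensitive_calls"]:
        print(f"review     {fname}:{line} {call}")
    print("env mode 0644 ok?", loose, " env mode 0600 ok?", tight)
```

To audit a real download, point audit_source at the unpacked skill directory and check_env_file_mode at ~/.scnet-chat.env. String-literal scanning only catches hosts that appear verbatim, so a host assembled at runtime from pieces will not show up; the sensitive-call list is there precisely so you read those spots by hand.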

Like a lobster shell, security has layers — review code before you run it.
