Baidu Netdisk

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a coherent Baidu Netdisk file-management skill, but it can log into your account, run a local CLI, modify or share cloud files, and keep large downloads running in the background.

Install this only if you want an agent to manage files in your Baidu Netdisk account. Use it on a trusted device, verify cloud paths before mutations or sharing, protect the bdpan token file, avoid automatic updates unless you trust the source, and monitor or stop any background downloads you start.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A mistaken command could move, rename, delete, overwrite, or share Baidu Netdisk files.

Why it was flagged

The skill intentionally grants the agent authority to make real cloud-file changes and create share links. This is purpose-aligned, but high-impact.

Skill content

The skill can invoke `bdpan` to perform **delete (rm), move (mv), rename (rename), share (share)** and similar operations, which directly modify your Netdisk data or create externally visible share links.

Recommendation

Before approving sensitive operations, verify the exact source path, destination path, overwrite behavior, and whether a share link should be created.

What this means

Anyone with access to the local token file or the logged-in environment may be able to access the connected Baidu Netdisk account.

Why it was flagged

The skill requires delegated Baidu Netdisk account access and creates a persistent local token store.

Skill content

After login, `bdpan` saves credentials such as the OAuth access_token in a local configuration file (by default `~/.config/bdpan/config.json`).

Recommendation

Use only on a trusted personal device, do not expose the config file in chats or repositories, and run logout/uninstall cleanup when finished.

What this means

Installing the skill can run a downloaded binary on the user’s machine.

Why it was flagged

The install script downloads a platform-specific bdpan installer and executes it locally. The script includes HTTPS, host allowlist, size, file-type, and SHA256 checks, but it remains local executable code.

Skill content

curl -fsSL -o "${installer_path}" "${installer_url}" ... chmod +x "${installer_path}" ... "${installer_path}" --yes

Recommendation

Install only from a trusted environment, keep the checksum protections enabled, and do not bypass review unless you trust the Baidu CDN source and this skill package.

What this means

A manual update can change the installed skill files and future agent instructions.

Why it was flagged

The update script can fetch update metadata and copy downloaded files over the current skill directory. It has host allowlists, checksum requirements, zip validation, and agent-environment blocking, but it can still replace skill behavior when run.

Skill content

CONFIG_API="https://pan.baidu.com/act/v2/api/conf?conf_key=bd_skills" ... cp -R "$tmp_extract_dir"/* "$SKILL_DIR/"

Recommendation

Run updates manually only when you intend to update, review prompts carefully, and avoid using --yes unless you have independently verified the update source.

What this means

A large download could continue consuming disk space and network bandwidth after the conversation turn ends.

Why it was flagged

Large downloads may continue after the agent response ends. This is disclosed and bounded to downloads, but it is persistent background activity.

Skill content

When the file to be downloaded is larger than 50MB, the skill starts the download in the background using `nohup ... &`; **this process keeps running after the Agent turn ends**.

Recommendation

Ask the agent to report the PID and log path for background downloads, and stop the process with kill if you no longer want it running.