Skillv2.1.0

ClawScan security

淘宝客全能工具箱 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

SuspiciousMar 11, 2026, 3:00 PM

Verdict: suspicious
Confidence: high
Model: gpt-5-mini
Summary: The SKILL.md asks you to store API keys and run Python scripts that are not provided or installed by the skill and the registry metadata doesn't declare the required env/configs — the manifest is internally inconsistent and could lead to confusion or accidental credential use/exposure.
Guidance: This skill's instructions expect API keys and local Python scripts, but the package contains only SKILL.md and no install steps or code. Before installing or running anything: 1) Do not copy/paste the API key values shown in the README into your environment — they may be sample, expired, or leaked credentials. 2) Ask the publisher for a proper install spec or the actual script files, and verify their origin (official repository, release tarball, or verified skill source). 3) Confirm which env vars are actually required and why, and prefer creating dedicated API keys you can revoke. 4) If you must test, run the scripts in a restricted sandbox (isolated VM/container) and monitor network calls to see which endpoints are contacted (the doc references zhetaoke.com). 5) If you cannot verify the source or obtain trustworthy install artifacts, avoid adding credentials to ~/.openclaw/.env or running unknown Python scripts — the current manifest is inconsistent and could lead to accidental credential exposure or running unreviewed code.

Review Dimensions

Purpose & Capability: concernThe described purpose (link conversion, price-compare, price-protect, commission tracking) reasonably requires platform API keys (Zhetaoke, JD, Taobao, PDD). However the skill metadata declares no required env vars or config paths while the instructions explicitly require multiple API credentials and a specific ~/.openclaw/.env path. That mismatch is an incoherence: either the metadata is incomplete or the instructions expect out-of-band setup.
Instruction Scope: concernThe SKILL.md tells the agent/user to run Python scripts from ~/.openclaw/workspace/skills/taobaoke-tool/scripts/*.py and to place credentials in ~/.openclaw/.env. There are no code files and no install spec in the package — the referenced scripts are not present. Instructions also reference remote API endpoints and include what appear to be hardcoded credentials/sample keys. Directing the user to run non-existent scripts and to store credentials without declaring them is scope creep and a practical risk.
Install Mechanism: concernThere is no install specification (instruction-only). Normally low risk, but because the instructions expect local Python scripts under the skill's workspace and no mechanism is provided to install or fetch them, the skill as-distributed is non-functional unless external steps are taken. That gap is a red flag: it requires manual file placement from an unspecified source.
Credentials: concernThe SKILL.md requires multiple API credentials (ZHETAOKE_APP_KEY, ZHETAOKE_SID, JD_UNION_ID, TAOBAO_PID, PDD_PID) and even includes specific key-like values inline. While platform API keys are plausible for the stated functions, the registry lists no required env vars/primary credential, and the inclusion of apparent real keys in the docs is risky and unexplained (could be sample/test keys or leaked secrets). The skill also instructs storing secrets in ~/.openclaw/.env which centralizes credentials — this should be made explicit in metadata and security guidance.
Persistence & Privilege: okThe skill does not request always: true and does not claim to modify other skills or system-wide settings. Autonomous invocation (disable-model-invocation: false) is platform default and not by itself a new concern. The main issue is missing install files rather than elevated privileges.