Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Bili Checkin
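v1.0.1
Fully automatic Bilibili check-in tool: daily experience tasks (login + watch + share + coin = 65 EXP/day) plus live-room danmaku check-in to build intimacy. Supports finding a live room by uploader name or UID. Trigger phrases: B站签到 (Bilibili check-in), 每日任务 (daily tasks), bilibili checkin, 升级 (level up), 刷经验 (farm experience), 弹幕打卡 (danmaku check-in), 刷亲密度 (farm intimacy).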
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description, README, SKILL.md and the three Python scripts are coherent: they implement daily tasks (login/watch/share/coin) and live-room danmaku sending, plus a lookup tool. Network calls target Bilibili APIs and no unrelated cloud credentials or binaries are requested.
Instruction Scope
SKILL.md/README instruct running local scripts and saving cookies via CLI (expected). However, persona.md explicitly tells the assistant to ask the user to '把这两个值告诉我' (tell me the SESSDATA and bili_jct in chat). That directs collection of sensitive credentials via chat rather than local CLI input, expanding scope to capturing secrets in the conversation. The scripts otherwise only read/write a local .cookies.json and call Bilibili endpoints.
Install Mechanism
No install spec; skill is instruction + bundled scripts. There are no downloads or external installers; code is pure Python standard library. Risk from install mechanism is low, though executing third-party scripts always requires user judgement.
Credentials
The scripts reasonably require the user's Bilibili cookies (SESSDATA and bili_jct) to operate, and they store them locally with file permissions set to 600. However, the skill declares no required env vars, and the persona's instruction to request cookies via chat is disproportionate and unsafe: sensitive cookie values should not be collected in agent conversations. The skill also supports an option (--do-coin) that will spend the user's coins, which is a financial side effect users should be warned about.
Persistence & Privilege
always:false and the skill does not modify global agent settings. It persists credentials to {baseDir}/.cookies.json (permission set to 600) which is expected for this use-case, but persistence of sensitive cookies increases risk if the file is stored in a shared or backed-up location.
What to consider before installing
This skill appears to do what it claims (auto check-in and danmaku posting) and uses only official Bilibili endpoints, but it asks for highly sensitive cookies. Do NOT paste SESSDATA or bili_jct values into chat. Instead: (1) review the scripts locally to confirm endpoints and behavior; (2) run the provided CLI commands yourself on a local machine to save cookies (python3 scripts/checkin.py --save-cookie ...) rather than telling the agent; (3) be careful with the --do-coin option (it spends your coins); (4) confirm where .cookies.json will be stored and remove it when no longer needed or store it in a secure location; (5) consider running in an isolated environment if you are unsure. If you expect the agent to prompt for secrets, decline and input them only via your shell.
Like a lobster shell, security has layers — review code before you run it.
latestvk970fwwn7dfxk9r19dwzqd2fxd837gg7
