Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Brown Dust 2
v1.1.1 · Brown Dust 2 fully automated tool: daily/weekly sign-in, event attendance sign-in, and fully automatic gift-code redemption. Trigger words: BD2, 棕色尘埃 (Brown Dust), brown dust, 签到 (sign-in), 兑换码 (redeem code), redeem.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw)
Verdict: Suspicious (medium confidence)
Purpose & Capability
Name/description, README, SKILL.md and the two scripts are coherent: signin.py uses a Web Shop accessToken to call the webshop API; redeem.py scrapes BD2Pulse for gift codes and posts them to a redeem API. However, the redeem API URL in the scripts (https://loj2urwaua.execute-api.ap-northeast-1.amazonaws.com/...) is not on the same host as the webshop API and domain referenced elsewhere (bd2.pmang.cloud), and neither README nor SKILL.md documents it as an official endpoint. This is unexplained: the endpoint could be a legitimate gateway operated by the publisher, or a third-party proxy that sees every redeem request.
Instruction Scope
SKILL.md and persona.md instruct the agent to open the user's browser, snapshot the page, and evaluate JavaScript to read localStorage.session-session.accessToken. That action exposes the user's authenticated accessToken to the agent, and therefore to any runtime that logs or transmits agent context. The agent is also told to capture page snapshots (maxChars up to 30000), which can include other page state beyond the token. These steps are functionally necessary to obtain the token, but they are sensitive and should be made explicit to the user before they run.
Install Mechanism
No install spec; instruction-only, with the Python scripts included in the skill. No downloads, package installs, or archive extraction: low installation risk.
Credentials
The skill requests no environment variables or external credentials, but it requires access to the user's browser session to extract a bearer token, and it writes that token to a local file (.token). Accessing and storing a bearer token is proportionate to performing sign-ins, but it is sensitive: the token lets whoever holds it act as the user on the Web Shop until it expires or is revoked. The redeem flow also transmits the user's nickname and the codes to an AWS execute-api endpoint whose ownership is unclear.
Persistence & Privilege
No 'always: true'. The scripts save a .token and a .nickname file inside the skill workspace (normal for credentials/config). The skill does not request system-wide configuration changes or access to other skills' credentials.
What to consider before installing
This skill appears to implement the advertised features, but it needs your Web Shop accessToken (it instructs the agent to extract it from your browser's localStorage), and it posts redeem requests to an AWS execute-api endpoint whose operator is not documented. Before installing:
1) Understand that providing the accessToken lets the skill, and any agent runtime that sees it, act on your Web Shop account. Only proceed if you trust the skill source.
2) Inspect the redeem endpoint (loj2urwaua.execute-api.ap-northeast-1.amazonaws.com) and confirm its legitimacy; ask the author why it is used instead of the official domain.
3) If you proceed, prefer manual token entry over automated extraction, store the token with minimal file permissions, and rotate or revoke the token when you stop using the skill.
4) Run the scripts locally first and review their network calls (for example, through an intercepting proxy) if you have doubts.
If you cannot verify the redeem endpoint or trust its owner, do not provide your token.
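The following is an added example, not code from the Brown Dust 2 skill or from ClawHub, showing how to carry out two of the checks above (the undocumented-endpoint review in step 2 and the manual, permission-restricted token storage in step 3, which also addresses the Credentials finding). The documented domain bd2.pmang.cloud and the execute-api host are taken from the scan; the two-line source excerpt is constructed for illustration and does not reproduce the real URL paths from signin.py or redeem.py. The .token filename matches the one the scan reports.

```python
"""Two pre-install checks drawn from the scan above.

Added example; this is not code from the Brown Dust 2 skill or from ClawHub.
1. List every host the skill's scripts contact and flag those the docs never
   mention (the scan names bd2.pmang.cloud as the documented domain and the
   execute-api endpoint as the undocumented one).
2. Store a manually entered token in a file only the owner can read, instead
   of letting the agent pull it out of the browser.
The source excerpt below is constructed for illustration; the real paths in
signin.py/redeem.py are not reproduced here.
"""
import getpass
import os
import re
import stat
import tempfile
from urllib.parse import urlsplit

# Domain the README/SKILL.md present as the service itself (from the scan).
DOCUMENTED_HOSTS = {"bd2.pmang.cloud"}

# Constructed stand-in for the URL literals found in the skill's scripts.
SAMPLE_SOURCE = '''
WEBSHOP_API = "https://bd2.pmang.cloud/"
REDEEM_API = "https://loj2urwaua.execute-api.ap-northeast-1.amazonaws.com/"
'''

# Matches an http(s) URL up to the first whitespace, quote or bracket.
URL_RE = re.compile(r"https?://[^\s'\"<>()]+")


def outbound_hosts(source):
    """Return the set of hostnames appearing in http(s) URLs in `source`."""
    hosts = set()
    for match in URL_RE.finditer(source):
        host = urlsplit(match.group(0)).hostname
        if host:  # skip malformed literals such as a bare "https://"
            hosts.add(host.lower())
    return hosts


def undocumented_hosts(source, documented=DOCUMENTED_HOSTS):
    """Hosts the scripts talk to that the documentation does not account for.

    Each entry is a question for the author: who operates it, and why is it
    used instead of the documented domain? Do not supply a token until the
    set is empty or every member has a satisfactory answer.
    """
    return outbound_hosts(source) - set(documented)


def store_token(path, token):
    """Write `token` to `path` with mode 0600 and return the resulting mode.

    The restrictive mode is passed to os.open() at creation rather than set
    with chmod afterwards, so the file is never world-readable, not even
    briefly. chmod is still applied to tighten a file that already existed.
    (POSIX semantics; on Windows the mode bits are not meaningful.)
    """
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(token.strip() + "\n")
    os.chmod(path, 0o600)
    return stat.S_IMODE(os.stat(path).st_mode)


def demo_store_token():
    """Store a constructed token in a temp dir; return (mode, file content)."""
    workdir = tempfile.mkdtemp()
    path = os.path.join(workdir, ".token")
    mode = store_token(path, "constructed-example-token")
    with open(path) as fh:
        content = fh.read()
    return mode, content


if __name__ == "__main__":
    # Manual entry via getpass: the token never passes through the agent's
    # context window or its logs, unlike the browser-extraction flow.
    print("Undocumented hosts:", sorted(undocumented_hosts(SAMPLE_SOURCE)))
    token = getpass.getpass("Paste Web Shop accessToken (not echoed): ")
    print("Saved .token with mode", oct(store_token(".token", token)))
```

Run `outbound_hosts` over the real scripts (for example on the output of `grep -h 'https\?://' signin.py redeem.py`) rather than the constructed excerpt; any host it returns beyond the documented domain is one the author should explain before you hand over a token. The proxy review in step 4 remains worthwhile even when this static check comes back clean, since it also catches URLs assembled at runtime.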
Tags: BrownDust2, automation, brown-dust-2, daily, gaming, giftcode, korean-game, latest, mobile-game, openclaw, rpg, signin
