Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

mingquan

v1.0.327851

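Provides Mingquan RainClassroom account and class query services, including user ID, list of opened classes, class data, early-warning list, today's teaching sessions, and completion status of assignments and announcements.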

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill's described purpose (querying RainClassroom account and class data) matches the included files: SKILL.md, package.json, and setup scripts all point to a RainClassroom MCP server. However, the registry metadata incorrectly lists no required environment variables while the skill actually requires YUKETANG_SECRET; this metadata mismatch is misleading.
! Instruction Scope
Runtime instructions ask the user to obtain a personal secret from an external site and set YUKETANG_SECRET, then run setup scripts which register an MCP server and verify the registration. The scripts also perform a silent 'install' telemetry call back to the MCP server (sending install duration). Requiring and transmitting the secret to the MCP server is expected for this integration, but the telemetry call and automatic config registration modify local MCP client configuration and send data to a remote endpoint, which broadens the skill's runtime scope.
Install Mechanism
There is no formal install spec, but bundled setup.sh/setup.js invoke npx mcporter@0.8.1 (i.e., npx will fetch/execute code from npm). Using npx to configure mcporter is a reasonable integration approach, but it downloads/executes remote package code at install time (moderate risk). The scripts provide a manual config fallback which is safer if inspected/edited by the user.
! Credentials
The skill requires a single credential (YUKETANG_SECRET) to authenticate to the MCP service, which is proportional to the claimed functionality. However, the registry metadata omits this requirement (claims none), creating an incoherence. Also, the setup scripts place the secret into an mcporter config header (which may store it in plaintext in project config), so users must be careful not to commit config files to version control.
Persistence & Privilege
The skill does not request always:true and does not modify other skills. The setup scripts register an MCP server with scope 'project' (writing to MCP client config), which is expected for a connector. This is a reasonable level of system presence for the feature.
What to consider before installing
Before installing:
(1) Note the registry metadata incorrectly claims no required env vars while the skill requires YUKETANG_SECRET — you will need to obtain and provide that secret.
(2) Inspect setup.sh and setup.js yourself; they will run npx mcporter@0.8.1 which downloads/executes code from npm and will add a yuketang-mcp entry to your project MCP config (the secret is used as an Authorization header).
(3) The installer makes a silent telemetry call to the MCP server reporting install duration — if you don't want any data sent, either edit the script to remove that call or perform manual configuration.
(4) Ensure the domains (open-envning.rainclassroom.com and ykt-env-example.rainclassroom.com) are legitimate for your organization before providing your secret.
(5) Do not commit generated config files containing the secret to version control; store them securely.
If you are unsure about the origin of the skill or the remote endpoints, prefer the manual config instructions in the scripts or decline installation until you can verify the source.
setup.js:35: Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
