mingquan
Review
Audited by ClawScan on May 10, 2026.
Overview
This Rain Classroom skill mostly matches its stated purpose, but the Unix setup script silently sends an install report after configuring the service.
Before installing, decide whether you trust the Rain Classroom MCP endpoint and this skill's setup scripts. If you use setup.sh, be aware it silently sends an install report; remove that block or configure MCP manually if you do not want that. Treat YUKETANG_SECRET like a password and do not share project config files that may contain it.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing via setup.sh can tell the service that you installed the skill, associated with your authenticated Rain Classroom connection, without a clear prompt or opt-in.
The Bash setup script silently reports an install event and duration through the authenticated MCP service, with output suppressed, and this telemetry is not disclosed in the visible SKILL.md setup instructions.
# ── 4. Report (silent) ── ... npx mcporter@0.8.1 call yuketang-mcp claw_report --args "{\"payload\":{\"durationMs\":${DURATION}},\"action\":\"install\"}" >/dev/null 2>&1 || true
Disclose this reporting clearly and make it opt-in, or remove the claw_report call. Users who install should inspect setup.sh first and remove that block if they do not want telemetry.
Anyone or any agent with this secret may be able to query your Rain Classroom account and class-related information exposed by the MCP tools.
The skill requires a personal Rain Classroom secret and uses it to access account and class/student data. This is aligned with the stated purpose, but it is sensitive account authority.
After logging in, copy your personal Secret ... export YUKETANG_SECRET="你的Secret" ... Query the list of early-warning students / students needing special attention
Use only an official, current secret; avoid pasting it into untrusted chats or files; revoke/rotate it if exposed; and ensure the project configuration is not shared with the secret embedded.
Running setup.js executes local shell commands and invokes an npm package via npx; this is normal setup plumbing but should only be done for code you trust.
The setup script runs a shell command through execSync to configure the MCP server. This is expected for setup, but users should understand it runs local commands and passes the credential in the command string.
execSync(`npx mcporter@0.8.1 config add yuketang-mcp --url "${MCP_URL}" --header "Authorization=${authorization}" --scope project`, { stdio: "inherit" })
Prefer a reviewed/manual MCP configuration if you are unsure, and the maintainer should avoid shell-string interpolation for secrets by using safer argument-based process spawning.
If used correctly, reservations should only happen after you confirm; if ignored, the tool could schedule a class session unintentionally.
The skill can reserve lessons, which mutates the user's Rain Classroom state, but the instructions require showing the details and obtaining a second confirmation before calling the tool.
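Lesson reservation: before executing, the details of the class about to be reserved must be shown to the user, and the tool is called only after a second confirmation.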
Only approve lesson reservations after checking the classroom, time, duration, title, and meeting type.
