LLM数据自动化
PassAudited by VirusTotal on May 5, 2026.
Overview
Type: OpenClaw Skill Name: ai-llm-data-automation Version: 1.1.0 The skill bundle promotes a 'natural language to code' automation tool that is inherently risky due to its RCE-by-design nature. It contains multiple referral links to a third-party API provider (shadowai.xyz, ID: 1056448), suggesting a monetization motive. Furthermore, SKILL.md references several missing executable files (run.js, templates/sales-report.js) and encourages the high-risk practice of piping remote scripts to a shell (curl|sh) for environment setup.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If pointed at sensitive or important files, generated workflows could read, transform, overwrite, or export local data.
Filesystem access is expected for a CSV/Excel/PDF data-processing skill, but it gives the skill authority to work with local files selected by the user.
"permissions": [
"filesystem"
]Use a dedicated input/output folder, keep backups of original files, and review file paths before running generated workflows.
A cloud API key may allow paid model usage and may expose prompts or task details to the selected provider if used.
The skill documents an optional cloud LLM API key, while the registry declares no required credentials. This is purpose-aligned but should be visible to users before setup.
LLM_PROVIDER=openai API_KEY=your_shadowai_api_key
Use a dedicated, least-privilege API key, avoid placing unrelated secrets in the .env file, and prefer local Ollama for sensitive data when feasible.
Users may expect helper code that is not present in the reviewed artifacts, or may seek external code that was not part of this review.
The documentation references runnable helper scripts, but the provided manifest contains only claw.json, instructions.md, SKILL.md, and _meta.json. That creates a packaging/provenance gap rather than direct evidence of malicious behavior.
node run.js "读取sales.xlsx,按产品分类统计销售额,计算同比增长率" node templates/sales-report.js --input sales.xlsx --output report.xlsx
Do not run unreviewed helper scripts from outside the installed skill; verify any additional code source before use.
Incorrect or unsafe generated code could modify files, install packages, or process more data than intended if run without review.
Generating and running Python code is the core feature of the skill, but generated code execution can affect local files and environment state.
LLM会自动生成可运行的Python代码。... 自动生成完整Python代码,直接运行即可
Inspect generated code before execution, run it in a virtual environment or sandbox, and test on sample copies of data first.
Running remote shell installers can change the local system and depends on trusting the downloaded script and source.
This is a user-directed optional setup command for Ollama, but it downloads and executes a remote install script.
curl -fsSL https://ollama.com/install.sh | sh
Review Ollama's official installation instructions, verify the source, and avoid piping scripts to a shell if your environment requires stricter controls.
A scheduled data-processing job could repeatedly modify or export files until disabled.
The skill mentions scheduled automation. This is purpose-aligned, but scheduled jobs continue running after initial setup if the user configures them.
配合Cron或系统任务计划,实现数据处理任务自动化运行
Only schedule reviewed scripts, log their actions, and document how to disable the cron or system task.