Skill v1.0.0
ClawScan security
115电影自动监控下载 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 29, 2026, 3:00 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill mostly matches a movie-monitoring/downloading pipeline, but there are multiple inconsistencies (missing Node requirement, hardcoded paths/IDs/API key, writes to system paths, disabled SSL verification) that warrant review before installation.
- Guidance: This skill appears to implement the stated movie-monitor + 115 + NAS pipeline, but I found several red flags you should address before installing or running it:
  1. Node dependency missing: the Python scripts call /usr/bin/node and an external renamer script (115.js). Ensure you have Node and the renamer present, or edit the code to avoid node calls.
  2. Hardcoded paths and IDs: many scripts use /home/skyone/.openclaw/... and a fixed CLOUD_CID — change these to your own paths and verify the CID is correct.
  3. Embedded secrets: copy_and_rename_movies.py includes a TMDB API key and config.py contains a COOKIES string and Telegram token placeholders; verify the origin of that TMDB key and remove or replace any hardcoded credentials with your own.
  4. Cookie handling: the skill requires you to paste your 115 cookie into a JSON file — that is necessary for the 115 API but is sensitive; store it securely and understand that the scripts will use those cookies to perform API calls on your account.
  5. Network/SSL behavior: TMDB requests use requests.get(..., verify=False) in fallback logic — this disables SSL verification for some flows; consider changing to verify=True.
  6. File and permission effects: the scripts write logs to /var/log and move/copy files on /mnt mount points; run under a user account with limited privileges and ensure mount points and permissions are correct to avoid accidental system-wide modifications.
  7. Code quality issues: minor bugs (e.g., malformed FILENAME_TEMPLATE) and inconsistent paths suggest this was developed on another machine and may require adaptation.

  Recommended next steps: review and adjust all hardcoded paths and keys, remove or replace embedded credentials, add Node to the declared requirements or remove node usage, run the code in a controlled environment (non-root, test NAS mount or dry-run), and ask the skill author for provenance of the TMDB key and the 115-renamer node script before trusting it with your 115 account or NAS.
Review Dimensions
- Purpose & Capability (concern): The name/description (monitor 6v520, filter by rating, add to 115, copy to NAS, rename, scrape TMDB) aligns with the scripts' functionality (scraping, 115 API client, NAS copy, renaming, TMDB scraping). However, the declared runtime requirements only list python3 (and pip packages), while many scripts invoke Node (/usr/bin/node) and a separate Node renamer script is assumed present. Several code files reference hardcoded constants (CLOUD_CID, RENAMER_SCRIPT paths like /home/skyone/.openclaw/...) that are not explained in the SKILL.md and may not match a user's environment.
- Instruction Scope (note): SKILL.md instructs the agent to read/save a 115 cookie JSON, access specific mount points (/mnt/public/CloudDrive/115open/云下载, /mnt/media/115 etc.), create cron jobs, and run the provided Python scripts. That mostly matches the code, which reads/writes pending.json, processed files, and log files. The instructions document the Node-based renamer as 'optional' and show where to put its cookie/115.js, but the Python scripts call the renamer unconditionally in multiple places (subprocess node calls), so the skill's runtime behavior requires that Node script to exist or those calls will fail. The instructions also do not call out that the scripts will write to /var/log/ and other system paths or that some HTTP calls disable SSL verification (see code), which affects network behavior.
- Install Mechanism (concern): This is instruction-only (no packaged installer) and uses pip for Python dependencies (requests, beautifulsoup4, lxml), which is reasonable. But the code relies on an external Node-based renamer (not packaged or installed by the skill) and calls /usr/bin/node; Node is not listed in required binaries. There are no downloads from untrusted URLs in the install spec, but the absence of an install step for the Node script and of guidance to install Node creates operational and safety ambiguity.
- Credentials (concern): requires.env is empty, but the scripts access and rely on sensitive local state and possible secrets: they ask the user to save 115 cookies (authentication tokens) in a file (expected for 115 API use) and write/read that file; config.py contains placeholders and even a hardcoded COOKIES string and TELEGRAM token/chat id fields; copy_and_rename_movies.py embeds a TMDB API key (tmdb_api_key: "761b40a8cb731a3536972c14ef8fbb80") and a fixed CLOUD_CID and RENAMER_SCRIPT path. The code reads proxy environment variables (HTTP_PROXY etc.) and will try them. The skill therefore touches credentials and network access beyond the declared environment variables; the hardcoded API key and cookie constant are especially suspicious and should be validated with the provider/author before use.
- Persistence & Privilege (note): always:false (good). The skill is not force-installed, but it does write persistent files under ~/.openclaw/scripts/movie-monitor (state.json, pending.json, processed logs), to /var/log/movie_pipeline/, and to custom processed files under the user's home. It also expects and manipulates files on mounted NAS paths. It does not attempt to modify other skills or system-wide agent configuration, but it does require ongoing access to user cookie files and filesystem mounts to operate.
