ClawHub

Baidu Disk Helper

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it claims, but it gives an agent sensitive Baidu Netdisk access with weak safeguards around credentials and file-changing actions.

Install only if you are comfortable giving the skill access to your Baidu Netdisk. Before using it, protect or remove ~/.openclaw/workspace/bwp_config.json when not needed, treat generated download URLs as secrets, verify the script path, and require explicit confirmation before delete, move, rename, or directory-upload actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The file-management section includes rename, move, mkdir, and especially delete operations without a clear warning that these actions alter or remove user data. In an agent setting, documenting destructive commands without emphasizing confirmation and recovery implications increases the chance of accidental data loss or unintended remote file changes.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The upload instructions tell the agent to transfer local files or entire directories to Baidu Netdisk, but do not warn that this sends potentially sensitive local data to a third-party cloud service. In an agent workflow, omission of a privacy and scope warning can cause users to upload unintended or confidential content.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The script stores the Baidu app secret, access token, and refresh token in a plaintext JSON file under the user's home directory without setting restrictive permissions or warning the user. If the local system is shared, compromised, or the file is backed up/logged insecurely, an attacker could recover long-lived credentials and gain unauthorized access to the user's Baidu account and files.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal