Security scan
OpenClaw
Security
Medium confidence: The skill's instructions, required binaries, and behavior are internally consistent with its stated purpose (opening/authorizing an Alipay wallet) but require caution because it will run CLI commands and auto-trigger provisioning without a second confirmation.
Assessment recommendations
This skill is internally consistent for enabling an Alipay wallet via a CLI tool, but review these points before installing or enabling it:
- Verify provenance: the SKILL.md claims it's "official" and points to a GitHub homepage, but the provided skill source is listed as unknown. Confirm the GitHub repo and the @alipay/agent-payment package are authentic and maintained by Alipay before running npx install.
- Be aware it runs shell commands (alipay-bot) and will perform network calls; ensure yo...
Detailed analysis
✓ Purpose and capabilities
Name/description match the runtime instructions: the SKILL.md directs the agent to run alipay-bot CLI commands (check-wallet, apply-wallet, bind-wallet) to open/authorize an Alipay wallet. Declared requirement of npm aligns with the documented npx-based installation of the alipay-bot CLI.
ℹ Instruction scope
Instructions are narrowly scoped to running the alipay-bot CLI and handling its outputs (text + MEDIA image). However, the skill mandates automatic execution (no user re-confirmation) when check-wallet returns code=500 and demands verbatim output of CLI markdown/URLs. It also expects access to inbound message metadata (to set AIPAY_OUTPUT_CHANNEL) and to deliver images from CLI-generated temp paths. These behaviors are coherent with the purpose but have privacy/operational implications (automatic actions, verbatim signed URLs).
✓ Installation mechanism
Instruction-only skill with no install spec. It relies on the system having npm and on the operator running npx -y @alipay/agent-payment@latest install-cli to install alipay-bot. This is reasonable and low-risk as long as the CLI being installed is obtained from a trusted Alipay source.
ℹ Credential requirements
The skill does not request credentials or persistent environment variables. It does require temporary use of AIPAY_OUTPUT_CHANNEL derived from inbound metadata and may rely on an optional AIPAY_AGENT_NAME provided by the framework or conversation context. It will invoke network operations via the CLI (which may require network connectivity) but does not itself request secrets — this is proportionate to its function.
✓ Persistence and permissions
always is false and there is no install-time persistence specified. The skill does not request elevated platform-wide privileges or modify other skills' configs. Autonomous invocation (disable-model-invocation=false) is normal for skills and acceptable here.
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v1.0.2 2026/4/16
- Updated required binaries: removed "alipay-bot" from env.requires.bins and now only require "npm".
- Added "homepage" field to metadata for nanobot and openclaw, pointing to the official GitHub repo.
- Clarified security and design section, clearly explaining URL output, MEDIA paths, and environment variables.
- Adjusted output rules wording for clarity.
- No functional flow changes; all core logic and user flows remain unchanged.
● Suspicious
Install command
Official: npx clawhub@latest install alipay-authenticate-wallet
Mirror (accelerated): npx clawhub@latest install alipay-authenticate-wallet --registry https://cn.longxiaskill.com