📦 McDonald's China assistant — 麦当劳点餐助手 (McDonald's ordering assistant)
v1.0.5. A McDonald's smart assistant built for users in China: one-click management of coupons, delivery ordering and nutrition planning, saving time and money while staying healthy.
0 · 573 · 4 current · 4 cumulative
Last updated
2026/4/22
Security scan
OpenClaw
Suspicious
medium confidence
Assessment recommendations
Do not install blindly. Specific things to check before using or installing: 1) Source provenance — the package lists no homepage and the owner/publisher is unknown; prefer packages from trusted repositories. 2) Metadata mismatch — the registry metadata claims no required env vars or binaries but SKILL.md/README require MCD_TOKEN and execute_bash; ask the publisher to correct metadata. 3) Limit exposure — create a dedicated, limited-scope test token for this skill and rotate/revoke it after test...
⚠ Purpose and capabilities
The SKILL.md describes a McDonald's ordering/coupon/nutrition assistant and the required artifacts (MCD_TOKEN and an MCP endpoint) are coherent with that purpose. However, the registry metadata at the top of the package claims no required environment variables or credentials while SKILL.md and README explicitly require MCD_TOKEN and the execute_bash tool — this metadata mismatch is a significant incoherence. Also README version (2.0.0) doesn't match registry version (1.0.5), further reducing trust in provenance.
ℹ Instruction scope
Instructions stay within the McDonald's MCP API domain (curl calls to mcp.mcd.cn and described read/write flows). The skill requires user confirmation before write actions, and the SKILL.md/SECURITY.md explicitly warn not to log the token. However: (1) the skill relies on execute_bash to run curl, which can execute arbitrary shell commands if misused; (2) MCD_MCP_URL is overridable, so a compromised or misconfigured environment could point requests at an attacker-controlled endpoint and leak the token; and (3) because this is instruction-only there is no enforcement that only the described curl commands will be executed.
✓ Installation mechanism
This is an instruction-only skill with no install spec or code to download, which minimizes disk-write/install risk. Nothing in the package auto-downloads or extracts external artifacts.
⚠ Credential requirements
The SKILL.md and README require a single sensitive credential (MCD_TOKEN) and optionally MCD_MCP_URL — that is proportionate for a service that must act on a user's McDonald's account. However, the registry metadata claims no required env vars, so the package metadata underreports sensitive requirements. Requiring execute_bash is functionally explainable (to call curl) but grants the ability to run arbitrary shell commands, raising risk for token exposure. The optional MCD_MCP_URL parameter also creates a plausible attack vector if set to a non-MCP host.
✓ Persistence and privileges
The skill does not request persistent privileges (always:false), no config paths are declared, and it does not claim to modify other skills or system-wide settings. There is no automatic installation or persistent agent-level privilege requested.
Security is layered; review the code before running.
Runtime dependencies
No special dependencies
Version
latest v1.0.5 2026/2/26
● Suspicious
Install command
Official: npx clawhub@latest install mcdonald-order
Mirror (accelerated): npx clawhub@latest install mcdonald-order --registry https://cn.longxiaskill.com