by 安全扫描
OpenClaw
可疑
medium confidenceThe skill largely matches its stated purpose (Facebook/Instagram Graph API automation) but the runtime instructions access a local token cache file and an undeclared IG_ID value that are not declared in the skill metadata — this mismatch warrants caution before installing.
评估建议
This skill appears to be a straightforward Graph API cookbook, but review these points before installing:
- Sensitive file access: SKILL.md contains Python one-liners that read ~/.meta_tokens_cache.json to extract tokens and IG IDs. That file is sensitive and the skill metadata does not declare it. If you do not maintain such a file, the commands may fail; if you do, be aware the skill explicitly reads it. Consider removing or relocating that file or avoid using the 'Option B' cache approach.
...详细分析 ▾
ℹ 用途与能力
Name, description, required binaries (curl, python3), and required env vars (META_PAGE_ACCESS_TOKEN, META_PAGE_ID) align with Graph API tasks like posting, scheduling, and reading insights. Using python3 for small JSON parsing is reasonable. Nothing requested is wildly out-of-scope for a Meta Business Suite helper.
⚠ 指令范围
SKILL.md includes explicit runtime commands that will read ~/.meta_tokens_cache.json (Python one-liners) as an alternative credential source and also extracts IG_ID from that file. The skill metadata did not declare this config path or IG_ID as required, so the instructions cause the agent to read a sensitive local file not represented in the requirements. Instructions also include DELETE/post-management operations which require high privileges in the provided token — the doc shows those commands but does not emphasize least-privilege or audit guidance.
✓ 安装机制
Instruction-only skill with no install steps and no downloaded code; lowest-risk install mechanism. It relies on existing curl and python3 binaries as declared.
⚠ 凭证需求
Declared env vars (META_PAGE_ACCESS_TOKEN and META_PAGE_ID) are appropriate. However, the instructions also rely on a local token cache file (~/.meta_tokens_cache.json) and implicitly on IG_ID (not declared). That introduces undeclared sensitive input access. The skill requests access to a page access token that permits create/delete/comment operations — users should ensure the token scope is limited to what they expect.
✓ 持久化与权限
always is false and there is no install-time persistence or modification of other skills; the skill does not request permanent platform-level privileges. Autonomous invocation is allowed (platform default) but not combined with other high-risk flags.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.42026/2/23
Remove APP_SECRET/APP_ID references from skill instructions. Add homepage. Simplify token renewal docs.
● 可疑
安装命令
点击复制官方npx clawhub@latest install meta-business-suite
镜像加速npx clawhub@latest install meta-business-suite --registry https://cn.longxiaskill.com