Security scan
OpenClaw
Suspicious
high confidence
Assessment recommendations
What to consider before installing/running:
- The code expects OKKI CRM credentials and a config JSON in a path outside the skill (default ../../../xiaoman-okki/api/config.json) and will read a .env file at ../../../.env if present. The registry metadata does not declare these required credentials — assume the skill will look for and use local config files.
- The scripts will write persistent files (data/, logs/) inside the skill and will also write a token cache into the external OKKI_WORKSP...
⚠ Purpose and capabilities
The skill claims to integrate with OKKI CRM, and its scripts implement collection, scoring, strategy generation, and tag sync, which is coherent with that claim. However, the code expects an external OKKI workspace and config file (defaulting to ../../../xiaoman-okki/api/config.json and ../../../.env) and reads and writes token caches there. The published metadata lists no required environment variables or credentials; that omission is inconsistent with the code and misleading.
⚠ Instruction scope
SKILL.md tells the agent to run local scripts, which is consistent, but the scripts themselves load an env file from outside the skill, resolve environment variables from that external .env, read OKKI config from another workspace, and write a token cache and logs there. They also call OKKI APIs to create and replace tags. These file reads/writes and cross-workspace accesses are broader than the simple 'run scripts' instruction implies.
✓ Install mechanism
No install spec is present (instruction-only plus included scripts). No install step downloads from the network or installs packages, which reduces supply-chain risk. The runtime executes the shipped JS files with Node.js, so the main operational risk comes from the scripts' behaviour rather than from an installer.
⚠ Credential requirements
The metadata requests no credentials, but the code expects an OAuth client_id/client_secret and other OKKI configuration, read from the OKKI config JSON and an optional .env. It loads ../../../.env into process.env if present and writes a token cache into the external OKKI_WORKSPACE path. Access to these secrets and files should have been declared and limited.
⚠ Persistence and permissions
The skill writes persistent state: data/*.json, logs, and, importantly, token cache files under the external OKKI_WORKSPACE at api/token.cache. Writing into another workspace's config directory can modify credentials and state used by other tools, a privilege beyond what an isolated skill should have. The skill does not request 'always: true', but its ability to modify external files increases its blast radius.
⚠ scripts/strategy-output.js:260
Shell command execution detected (child_process).
⚠ scripts/customer-data-collector.js:21
Environment variable access combined with network send.
⚠ scripts/tag-sync.js:33
Environment variable access combined with network send.
⚠ scripts/customer-data-collector.js:26
File read combined with network send (possible exfiltration).
⚠ scripts/tag-sync.js:30
File read combined with network send (possible exfiltration).
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v1.0.0 2026/3/27
● Benign
Install command
Official: npx clawhub@latest install ssa-customer-segmentation
Mirror (accelerated): npx clawhub@latest install ssa-customer-segmentation --registry https://cn.longxiaskill.com