Security scan
OpenClaw
Suspicious
medium confidence
Assessment and recommendation
This skill appears to do what it says (scan 800+ directories, discover forms, and auto-submit), but review and test it before use. Key points: 1) The registry metadata does not declare the many SUBMIT_* environment variables that SKILL.md and the code require; set them deliberately, and not in a shared or global environment. 2) Use throwaway email addresses and passwords, and confirm that the code actually removes or redacts passwords and other PII from any saved JSON or logs (search for every place that writes fill...
ℹ Purpose and capabilities
Name and description match the code: the scripts analyze directories.json, discover forms, and auto-fill and submit them using Playwright. However, the registry metadata lists no required environment variables or primary credential, while SKILL.md and the code require many SUBMIT_* environment variables (product fields, email, password, optional GitHub/Twitter). This mismatch between the registry declaration and the runtime requirements is worth keeping in mind.
⚠ Instruction scope
SKILL.md and the Python code instruct the agent to visit hundreds of external sites, fill in fields, upload assets, and submit entries. The code resolves credentials and other PII from environment variables, fills them into forms, and logs the 'filled' details (filled_log stores values truncated to 50 characters, which hides nothing of a password shorter than that). The README warns to use throwaway credentials and claims passwords are stripped before saving, but I could not find, in the provided snippets, a guarantee that sensitive values are always removed from saved JSON or logs. There is therefore a real risk of accidental credential or PII leakage when the skill writes submission_plan.json or prints filledDetails.
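The check a reviewer would want here is a concrete one: take the SUBMIT_* values the skill reads, then scan whatever it wrote (submission_plan.json, a filled_log, printed filledDetails captured to a file) for those values, including their first 50 characters, and redact before anything is shared or committed. The following is an added example written for this review; it is not the skill's own code and makes no claim about how the skill stores data. It assumes, hypothetically, that secrets arrive in environment variables named SUBMIT_<FIELD>, that the artifact is JSON-like, and that a log may hold values truncated to 50 characters as the scan notes. The sample environment and submission plan are constructed for the example.

```python
# Added example (not the skill's code): audit saved artifacts for leaked
# SUBMIT_* secrets and redact them. Assumptions are hypothetical: secrets
# come from SUBMIT_<FIELD> environment variables, artifacts are JSON-like,
# and logs may hold values truncated to 50 characters.
import json
from typing import Any, Dict, List

# Name suffixes treated as secret or PII; extend to match your deployment.
SENSITIVE_SUFFIXES = ("PASSWORD", "TOKEN", "SECRET", "EMAIL")
TRUNCATE_LEN = 50   # the filled_log truncation noted in the scan
MIN_NEEDLE = 6      # very short values would match everywhere; skip them


def sensitive_env(env: Dict[str, str], prefix: str = "SUBMIT_") -> Dict[str, str]:
    """Select the SUBMIT_* values that must never reach disk."""
    return {
        name: value for name, value in env.items()
        if name.startswith(prefix)
        and name.upper().endswith(SENSITIVE_SUFFIXES)
        and len(value) >= MIN_NEEDLE
    }


def find_leaks(text: str, secrets: Dict[str, str],
               truncate_len: int = TRUNCATE_LEN) -> List[str]:
    """Names of secrets whose value, or its first truncate_len characters, occurs in text.

    Matching on the truncated prefix matters: cutting a value to 50 characters
    hides nothing of a shorter password and still leaks the head of a longer token.
    """
    return sorted(name for name, value in secrets.items()
                  if value[:truncate_len] in text)


def leaks_in_json(data: Any, secrets: Dict[str, str]) -> List[str]:
    """Serialise a JSON-like object exactly as json.dump would and audit that form."""
    return find_leaks(json.dumps(data), secrets)


def redact(data: Any, secrets: Dict[str, str],
           truncate_len: int = TRUNCATE_LEN) -> Any:
    """Return a copy with secrets replaced by markers.

    Two passes: any string stored under a key ending in a sensitive suffix is
    replaced wholesale (so an unexpected transformation cannot slip through),
    and every other string is searched for the secret values themselves.
    """
    if isinstance(data, dict):
        out = {}
        for key, value in data.items():
            if isinstance(value, str) and key.upper().endswith(SENSITIVE_SUFFIXES):
                out[key] = "<redacted:" + key + ">"
            else:
                out[key] = redact(value, secrets, truncate_len)
        return out
    if isinstance(data, list):
        return [redact(item, secrets, truncate_len) for item in data]
    if isinstance(data, str):
        for name, value in secrets.items():
            needle = value[:truncate_len]
            if needle in data:
                data = data.replace(needle, "<redacted:" + name + ">")
        return data
    return data


# Constructed sample input: a throwaway environment and a plan the skill might write.
SAMPLE_ENV = {
    "SUBMIT_PRODUCT_NAME": "Acme Widget",
    "SUBMIT_EMAIL": "burner@example.com",
    "SUBMIT_PASSWORD": "Thr0waway-Pa55word!",
    "SUBMIT_GITHUB_TOKEN": "ghp_" + "a" * 56,   # 60 chars, longer than the truncation
}
SAMPLE_PLAN = {
    "entries": [{
        "url": "https://example.com/submit",
        "filled": {"name": "Acme Widget", "email": "burner@example.com",
                   "password": "Thr0waway-Pa55word!"},
    }]
}
SAMPLE_LOG = "filled password field with " + SAMPLE_ENV["SUBMIT_GITHUB_TOKEN"][:TRUNCATE_LEN]

if __name__ == "__main__":
    secrets = sensitive_env(SAMPLE_ENV)
    print("plan leaks:", leaks_in_json(SAMPLE_PLAN, secrets))
    print("log leaks:", find_leaks(SAMPLE_LOG, secrets))
    print("after redaction:", leaks_in_json(redact(SAMPLE_PLAN, secrets), secrets))
```

Run it against the real files the skill produces by loading them with json.load and passing os.environ to sensitive_env; a non-empty list from find_leaks on the log or leaks_in_json on the plan means the README's claim that passwords are stripped does not hold for that run.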
✓ Install mechanism
No exotic install spec in registry; SKILL.md instructs 'pip install -r requirements.txt' and 'playwright install chromium' and requirements.txt only lists Playwright. No downloads from unknown hosts or archive extraction shown in the package metadata.
ℹ Credential requirements
The requested environment variables (product URL, name, tagline, email, username, password, optional GitHub/Twitter, asset filenames) are proportionate to the stated purpose. The inconsistency is that the registry metadata declares no required environment variables while the runtime clearly depends on many SUBMIT_* variables. The skill also references the gh CLI for GitHub PR flows (which requires its own external authentication); that is reasonable, but worth knowing before use.
✓ Persistence and privileges
always is false, and the skill does not request system-wide persistent privileges. It runs networked browser automation and reads and writes local files (submission_plan.json, checkpoint.md, directories.json, browser_check_list.json) in the working directory, which is expected for its purpose. Note: autonomous invocation is allowed by default on the platform; combined with broad outgoing network activity, this increases the blast radius if the skill is misused.
⚠ directories.json:6606
Install source points to URL shortener or raw IP.
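To reproduce this finding rather than take it on trust, scan directories.json yourself for entries whose target is a URL shortener or a bare IP address; both hide the real destination and are a common way to swap an install source after review. The following is an added example written for this review, not the scanner's or the skill's code. It assumes, hypothetically, that directories.json is a JSON list of objects with a "url" key, and the shortener list is a hand-picked starting set; the sample entries are constructed for the example.

```python
# Added example (not the scanner's or the skill's code): flag directory
# entries whose URL points at a URL shortener or a raw IP address.
# Assumed (hypothetical) schema: a JSON list of objects with a "url" key.
import ipaddress
import json
from typing import Any, List, Optional, Tuple
from urllib.parse import urlsplit

# Hand-picked shortener hosts (assumption); extend for your environment.
SHORTENER_HOSTS = {"bit.ly", "t.co", "tinyurl.com", "goo.gl", "is.gd",
                   "ow.ly", "cutt.ly", "rebrand.ly", "tiny.cc", "buff.ly"}


def classify_url(url: str) -> Optional[str]:
    """Return a reason string if the URL is suspicious, else None."""
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").lower()   # strips port and [] around IPv6
    if parts.scheme not in ("http", "https") or not host:
        return "not an http(s) URL with a host"
    try:
        ipaddress.ip_address(host)           # accepts IPv4 and IPv6 literals
        return "raw IP address"
    except ValueError:
        pass
    if host in SHORTENER_HOSTS or any(host.endswith("." + s) for s in SHORTENER_HOSTS):
        return "URL shortener"
    return None


def scan_entries(entries: List[Any]) -> List[Tuple[int, str, str]]:
    """Return (index, url, reason) for each entry whose url is suspicious.

    Entries without a string url are skipped; they have nothing to classify.
    """
    hits = []
    for index, entry in enumerate(entries):
        url = entry.get("url") if isinstance(entry, dict) else None
        if not isinstance(url, str) or not url:
            continue
        reason = classify_url(url)
        if reason:
            hits.append((index, url, reason))
    return hits


def scan_file(path: str) -> List[Tuple[int, str, str]]:
    """Load a directories.json file and scan it."""
    with open(path, encoding="utf-8") as fh:
        return scan_entries(json.load(fh))


# Constructed sample input in the assumed schema.
SAMPLE_DIRECTORIES = [
    {"name": "Example Directory", "url": "https://example.com/submit"},
    {"name": "Odd mirror", "url": "http://203.0.113.7:8080/install.sh"},
    {"name": "Shortened link", "url": "https://bit.ly/3abc"},
    {"name": "No link yet"},
]

if __name__ == "__main__":
    for index, url, reason in scan_entries(SAMPLE_DIRECTORIES):
        print(f"entry {index}: {url} -> {reason}")
```

The index reported is the list position, not the file line number the scanner cites; to map a hit back to a line such as 6606, search the file for the flagged URL. Anything flagged should be resolved manually (for a shortener, follow the redirect in a sandbox) before the skill is allowed to fetch from it.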
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v0.1.2 2026/3/11
● Harmless
Install command
Official: npx clawhub@latest install submit-directories
Mirror (accelerated): npx clawhub@latest install submit-directories --registry https://cn.longxiaskill.com (mirror sync in progress)