Security scan
OpenClaw
Suspicious
Medium confidence: the skill largely implements the described functionality (querying VIP product details), but it requires the agent to automatically install/invoke another login skill and to read a local tokens file (containing PASSPORT_ACCESS_TOKEN), and it also embeds a hard-coded secret key. These behaviors raise privacy and authorization concerns; evaluate carefully before installing.
Assessment recommendations
Before installing, consider these points:
- This skill will read and use your local login state file ~/.vipshop-user-login/tokens.json, including cookies and the PASSPORT_ACCESS_TOKEN — these are authentication credentials for your VIP account. If you don't want the skill to access these credentials, do NOT install or run it.
- The skill's runtime instructions require automatically installing and invoking another skill (vipshop-user-login) if it's not present. Automatic installation and automa...
ℹ Purpose and capabilities
The code and instructions align with the stated purpose: querying VIP product detail APIs requires a login token and a device id (mars_cid), and the scripts read ~/.vipshop-user-login/tokens.json and call VIP APIs. Asking for/using a local login token and generating exchange links is consistent with providing automatic logged-in product links. However, the skill also instructs automatic installation and invocation of a separate vipshop-user-login skill without explicit user consent, which is beyond a simple 'read-only product-info' helper.
⚠ Instruction scope
SKILL.md mandates automatic detection of login state, automatic installation (clawhub install vipshop-user-login) and automatic invocation of the vipshop-user-login skill (or running ../vipshop-user-login/scripts/vip_login.py --blocking) without requiring an explicit user confirmation. It also tells the agent to read ~/.vipshop-user-login/tokens.json to obtain cookies/PASSPORT_ACCESS_TOKEN. Automatic installation and triggering of another skill plus silent access to local token files broadens scope and raises consent/privacy concerns.
ℹ Installation mechanism
There is no bundled install spec for this skill itself (files are provided). But the runtime instructions instruct the agent to execute 'clawhub install vipshop-user-login' if that login skill is missing — which will download and install external code at runtime. That external install step is a higher-risk action compared to purely local operation and should be subject to user approval and code review of the installed login skill.
⚠ Credential requirements
The scripts read the local file ~/.vipshop-user-login/tokens.json and extract cookies including PASSPORT_ACCESS_TOKEN (sensitive authentication credential) and use mars_cid device id. Using those credentials is proportionate to creating logged-in product links, but the skill does not declare this sensitive access in metadata and demands automatic reading/extraction. Additionally, exchange_link_builder contains a hard-coded secret key used to sign exchange links; embedding such a secret in code is unusual and should be justified or rotated. Overall, credential access is sensitive and warrants explicit disclosure and user consent.
ℹ Persistence and permissions
The skill does not request 'always: true' and does not modify other skills' configs, but it does persist device info under ~/.vipshop-user-login/device.json via mars_cid generator and will cause the agent to install and run another skill (vipshop-user-login) when needed. That level of persistence (creating/reading files in the user's home dir and invoking installs) is significant and should be made explicit to the user before the skill runs.
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v1.0.1 (2026/4/9)
- Fixed a typo in the skill name description (standardized to vipshop-product-detail).
- No substantive changes to the documentation; only the skill name was normalized.
- Functionality, usage flow and output specification are unchanged from the previous version.
● Suspicious
Install command
Official: npx clawhub@latest install vip-product-detail
Mirror (accelerated): npx clawhub@latest install vip-product-detail --registry https://cn.longxiaskill.com