Security scan
OpenClaw
Suspicious
medium confidence
Assessment recommendations
Before installing or using this skill, consider: (1) The SKILL.md assumes a 'message' command is available but doesn't declare it—confirm which binary implements WhatsApp sending and that it's trusted. (2) The file paths are inconsistent: replace the hardcoded /home/seekey path with $HOME or ~ so it works for your account. (3) The skill downloads arbitrary URLs—only supply trusted URLs and ensure filenames are sanitized to avoid shell injection or path traversal. (4) Validate file types before s...
ℹ Purpose and capabilities
The name and description match the runtime steps (download → copy to workspace → send → cleanup). However the SKILL.md assumes a CLI called message exists and hardcodes an absolute path (/home/seekey/.openclaw/workspace) that doesn't match the earlier use of ~/.openclaw/workspace; required binaries are not declared. Those mismatches are unexpected for a small integration.
⚠ Instruction scope
Instructions tell the agent to curl arbitrary URLs into /tmp and then copy them into the workspace before sending. Downloading arbitrary external content is necessary for the stated purpose but also risky if filenames/URLs are not validated. The SKILL.md also hardcodes a specific user path (/home/seekey/...) and references an undeclared 'message' tool, which could cause the agent to read/write unintended locations or fail. The instructions do not mention validating file types, sanitizing filenames, or verifying the message CLI's identity—gaps that increase risk of misuse or accidental data exposure.
✓ Install mechanism
This is an instruction-only skill with no install spec and no files written to disk by an installer, which minimizes install-time risk.
ℹ Credential requirements
No environment variables or credentials are requested, which is appropriate. But the skill implicitly requires access to the user's workspace directory and an external 'message' CLI (not declared). The hardcoded /home/seekey path is disproportionate/unportable and could point to another user's directory on some systems.
✓ Persistence and privileges
The skill does not request permanent presence (always:false) and does not modify other skills or system-wide settings. It instructs only transient file operations (download, copy, delete).
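Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v1.0.1 2026/2/27
● Suspicious
Install command
Official: npx clawhub@latest install whatsapp-image-send
Mirror (accelerated): npx clawhub@latest install whatsapp-image-send --registry https://cn.longxiaskill.com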