Security scan
OpenClaw
Suspicious
High confidence: The skill mostly does what it claims (call a local /chat_direct API) but contains inconsistencies in its docs and unsafe command construction that can allow shell/URL injection and contact to arbitrary endpoints — review or sandbox before use.
Assessment and recommendations
This skill appears to do what it says (call a local /chat_direct API), but it constructs curl commands by interpolating user-provided URLs and queries into a shell command without validation or safe escaping. That can lead to command injection or accidental data exfiltration to arbitrary hosts. Before installing or running: (1) review or run the code in a sandbox/container; (2) avoid passing untrusted --url values and do not point it to public endpoints unless you trust them; (3) avoid feeding u...
ℹ Purpose and capabilities
The name/description match the code: the CLI issues POSTs to a /chat_direct endpoint and supports single and batch queries. It does not request credentials or config paths. Minor inconsistencies: SKILL.md repeatedly states the session ID format 'shuttle-cli-YYYYMMDD', while index.js actually generates 'shuttle-cli-{random16}_{YYYYMMDD}' (the README also mentions a random 16-character code). The SKILL.md changelog claims prior URL validation restricting targets to localhost/private IPs, but there is no URL validation in the code: the CLI accepts any --url.
⚠ Instruction scope
The runtime instructions and code shell out to curl via child_process.exec with a command string that interpolates user-provided inputs (options.url and queries). These inputs are not validated or safely escaped. That creates command-injection and/or broken-shell-invocation risks (e.g., malicious --url or a query line containing characters that break the single-quoted JSON payload). Although the SKILL.md states the tool is meant for local/private endpoints, the code allows arbitrary URLs, so an attacker or misconfiguration could make the tool send data to external hosts.
✓ Install mechanism
No external download/install script is present; the package includes index.js and a normal package.json with a single dependency (commander). There is no install spec that fetches arbitrary archives or executes remote installers. The Node dependency is from the npm registry (package-lock included).
✓ Credential requirements
The skill does not request environment variables, credentials, or config paths. It requires a reachable AI service URL (default is a private IP) and Node/curl. However, because the URL is user-controllable and not validated, the tool can be used to transmit query contents to arbitrary endpoints — a proportionality/abuse risk even though no secrets are requested.
✓ Persistence and permissions
The skill does not request elevated or persistent privileges; 'always' is false and there is no behavior that modifies other skills or global agent settings. It is a normal user-invoked CLI skill.
⚠ skill.json:42
Install source points to URL shortener or raw IP.
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v2.0.1 2026/3/19
shuttle-ai-chatbot v2.0.1 - Skill slug renamed from shuttle-qc-ai-chatbot to shuttle-ai-chatbot - Published to ClawHub, officially listed
● Suspicious
Install command
Official: npx clawhub@latest install shuttle-ai-chatbot
Mirror: npx clawhub@latest install shuttle-ai-chatbot --registry https://cn.clawhub-mirror.com
Skill documentation
📖 Overview
Calls the local AI service's /chat_direct API directly, with no browser automation. Supports single queries and batch execution; faster and more stable.
✨ Features
- 🚀 Direct API calls: no browser automation, faster responses
- 📝 Enter any query text (product model, question, etc.)
- 📋 Extracts the complete response content (structured data)
- 🚀 Batch queries supported (run multiple commands at once)
- 📊 Output as JSON or plain text
- 🔄 Product comparison supported (e.g., "DL30N vs DL40N")
- 🆔 Session ID optimized: uses the date format shuttle-cli-YYYYMMDD for easier tracking
🛠️ Usage
CLI commands
# Single query
shuttle-ai-chatbot query "SB860R8 spec" --output text
shuttle-ai-chatbot query "DL30N vs DL40N" # product comparison
Batch query
shuttle-ai-chatbot batch queries.txt --output json
Query list file contents (queries.txt)
DL30N
DL40N
SB860R8
P55U
📥 Parameters
| Parameter | Description | Default |
|---|---|---|
| query | Single query text | - |
| batch | Path to the batch query file (one query per line) | - |
| --url | Local AI service URL | http://192.168.100.98:8888 |
| --output | Output format: json or text | json |
| --lang | Reply language: zh or en | zh |
📤 Output format
JSON (default)
{
"query": "p55u?",
"response": "產品規格表內容...",
"url": "http://192.168.100.98:8888",
"elapsed": "2.34s",
"timestamp": "2026-03-18T11:30:00+08:00",
"sessionId": "shuttle-cli-20260318"
}
Text
🔍 查詢:p55u?
🆔 Session:shuttle-cli-20260318
⏱️ 耗時:2.34s
📅 時間:2026-03-18T11:30:00+08:00
📋 回應內容:
產品規格表內容...
🔧 How it works
- Generate the session ID: shuttle-cli-YYYYMMDD (today's date)
- Build the JSON request: { question, session_id, lang }
- Send a POST to {url}/chat_direct with curl
- Parse the JSON response and extract the result or response field
- Output the result (JSON or plain text)
🧩 Dependencies
- Local AI service running at 192.168.100.98:8888
- curl command (built into the system)
- Node.js environment (to run the CLI)
📦 Installation
Install from ClawHub:
clawhub install shuttle-ai-chatbot
Or copy it manually into the ~/.openclaw/workspace/skills/ directory.
📌 Examples
Basic product query
shuttle-ai-chatbot query "DL30N spec"
shuttle-ai-chatbot query "P55U?"
Product series comparison
shuttle-ai-chatbot query "Compare DL30N and DL40N"
shuttle-ai-chatbot query "DL30N vs DL40N" --output text
Batch query (from file)
Create queries.txt:
DL30N
DL40N
SB860R8
P55U
Run:
shuttle-ai-chatbot batch queries.txt --output json > results.json
Specify a different service URL
shuttle-ai-chatbot query "p25n" --url http://10.0.0.5:8888
English reply
shuttle-ai-chatbot query "NA20H specifications" --lang en
⚠️ Notes
- Make sure the local service (default 192.168.100.98:8888) is running and reachable
- If the service is down or the network is unreachable, an error message is returned
- Each query uses today's date as the session ID, which makes backend log tracking easier
📄 Changelog
v2.0.1 (2026-03-19)
- Skill slug renamed: from shuttle-qc-ai-chatbot to shuttle-ai-chatbot
- Published to ClawHub: the new skill version is listed
v2.0.0 (2026-03-18)
- Major change: removed browser automation in favour of direct API calls
- Session ID optimized: uses the shuttle-cli-YYYYMMDD format
- Performance improvement: faster queries (no browser to launch)
- Stability improvement: no longer depends on browser state; error rate greatly reduced
- Parameter simplification: removed browser-related parameters such as --timeout and --headless
- New --lang parameter: specify the reply language (zh/en)
- URL default changed: from /v1 to the root path /
v1.0.2 (2026-03-17)
- Security restriction: added URL validation; only local services (localhost, private IPs) are allowed
- Stability improvement: rewrote the response-wait logic so results are returned only after the answer is generated
- Error handling: unified error messages; external web search disabled
v1.0.1 (2026-03-17)
- Documentation update: added product comparison examples
- skill.json: added the comparison tag, bumped the version number
- README: added advanced usage, product comparison examples, and notes
v1.0.0 (2026-03-17)
- Initial release (browser automation version)
- Single and batch queries supported
- Automated browser operation
- JSON/Text output formats
Author: Shuttle AI Source: https://clawhub.com/skills/shuttle-ai-chatbot
Data source: ClawHub · Chinese localization: 龙虾技能库