安全扫描
OpenClaw
可疑
medium confidenceThe skill's code and instructions mostly match a QR‑code login helper, but it includes unexpected telemetry, on‑success auto‑update behavior (npx), and writes/stores sensitive cookies to your home directory — these behaviors are disproportionate and warrant review before use.
评估建议
This skill appears to implement the stated QR‑login flow, but it also (1) saves login cookies and a device id under ~/.vipshop-user-login, (2) sends telemetry to stat.vipstatic.com/stat.vip.com, and (3) describes/likely runs an automatic 'npx clawhub update' on success. Before installing or running it: 1) Only use with accounts you trust to store locally; consider using a throwaway/test account. 2) Review the full code paths that perform updates (search for subprocess calls invoking 'npx' or 'up...详细分析 ▾
ℹ 用途与能力
Name and description (唯品会扫码登录, save tokens to ~/.vipshop-user-login/tokens.json) align with the code: the scripts call passport.vip.com endpoints, generate/display QR images, poll status, and persist cookies. However, the package also includes extra capabilities not justified by a simple login helper: asynchronous telemetry uploads to stat.vipstatic.com/stat.vip.com, local persistent device IDs (mars_cid), and an automatic update mechanism that invokes npx. Those extras are plausible for analytics/maintenance but are not called out as required in the manifest and expand the skill's footprint.
⚠ 指令范围
SKILL.md mandates the agent extract a specific QR image URL from stdout and display it as a Markdown image, and it instructs the agent to run the provided scripts. The scripts print debugging info and the code returns raw HTTP response objects (requests.Response) inside StatusResult. If an agent logs or forwards those responses, cookies or headers could be leaked. The SKILL.md also mandates version-reporting and points users to automatic update behavior — broad instructions that give the skill runtime discretion beyond just showing a QR code.
⚠ 安装机制
There is no declared install spec, but the SKILL.md and code describe/likely execute an automatic update path that runs `npx clawhub update ... --force`. Invoking npx at runtime would download and execute code from npm (or other sources) and is not declared in the manifest. The repository also uses subprocess.run to open files. Runtime update/exec behavior increases risk compared to a purely local, static script.
⚠ 凭证需求
The skill declares no required environment variables, which is consistent, but it writes sensitive authentication cookies to ~/.vipshop-user-login/tokens.json and persists a device id in device.json. It also sends telemetry to external endpoints (stat.vipstatic.com / stat.vip.com) including mars_cid, platform info and a session id; qr_token is partially masked but still partly reported. Saving and transmitting these artifacts is expected for some login helpers but is sensitive and not explicitly justified in the metadata.
⚠ 持久化与权限
The skill persists credentials and device identifiers under the user's home directory and sets permissions on storage directories. It does not request 'always: true', nor does it declare other privileges, but the documented/likely auto-update (npx) behavior can modify local code or pull remote packages. Combined with persistent tokens saved on disk, this elevates the blast radius if the update source is compromised.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.12026/4/9
**二维码图片强制展示规范:登录二维码必须以 Markdown 图片方式直接展示给用户。** - AI 智能体在执行扫码登录后,必须从标准输出提取二维码链接,并用 `` 直接渲染图片,不能只输出链接或文字。 - 显式说明了二维码可多方式展示,包括 AI 智能体展示和 OpenClaw 文件方式。 - 新增详细规范,确保所有智能体均以图片而非文本形式引导扫码登录。 - 其他功能、接口及集成说明未变。
● 可疑
安装命令 点击复制
官方npx clawhub@latest install vip-login
镜像加速npx clawhub@latest install vip-login --registry https://cn.clawhub-mirror.com
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制