OpenClaw: suspicious
VirusTotal: benign
StaticScan: suspicious
OpenClaw: suspicious
The skill matches its stated purpose and install method, but the repository includes a hard-coded API key in an example file which is an unexpected secret exposure and a proportionality concern.
VirusTotal: benign VT 报告
静态扫描: suspicious
Detected: suspicious.dangerous_exec, suspicious.potential_exfiltration
README 未提供
无文件信息
{
"latestVersion": {
"_creationTime": 1774223217941,
"_id": "k97ezakvehc8wm679vj4cw1gex83d0jt",
"changelog": "Remove patterns that trigger security scanner",
"changelogSource": "user",
"createdAt": 1774223217941,
"parsed": {
"clawdis": {
"emoji": "🚀",
"homepage": "https:\/\/github.com\/shipstatic\/ship",
"install": [
{
"bins": [
"ship"
],
"kind": "node",
"package": "@shipstatic\/ship"
}
],
"primaryEnv": "SHIP_API_KEY",
"requires": {
"bins": [
"ship"
],
"env": [
"SHIP_API_KEY"
]
}
}
},
"version": "0.7.20"
},
"owner": {
"_creationTime": 0,
"_id": "publishers:missing",
"displayName": "shipstatic-com",
"handle": "shipstatic-com",
"image": "https:\/\/avatars.githubusercontent.com\/u\/220701741?v=4",
"kind": "user",
"linkedUserId": "kn76bz9cz5kjb41spwe8stgxas83c28p"
},
"ownerHandle": "shipstatic-com",
"skill": {
"_creationTime": 1774222826805,
"_id": "kd72x6gfhkm4nzzmw99fzp25h583dm45",
"badges": [],
"createdAt": 1774222826805,
"displayName": "ShipStatic",
"latestVersionId": "k97ezakvehc8wm679vj4cw1gex83d0jt",
"ownerUserId": "kn76bz9cz5kjb41spwe8stgxas83c28p",
"slug": "shipstatic",
"stats": {
"comments": 0,
"downloads": 22,
"installsAllTime": 0,
"installsCurrent": 0,
"stars": 0,
"versions": 3
},
"summary": "Static hosting via ShipStatic. Use when the user wants to deploy a website, upload files, manage deployments, set up domains, or publish static files to ship...",
"tags": {
"latest": "k97ezakvehc8wm679vj4cw1gex83d0jt"
},
"updatedAt": 1774226808227
}
}