alibabacloud-openclaw-skill-security-scan

Warn

Audited by Socket on Jun 14, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the core behavior is coherent with a security scanning skill, but two factors raise concern: mandatory self-exclusion from scanning and remote upload of packaged local skills for cloud analysis. Install trust is better than a random downloader because the CLI appears official, yet the exact publisher relationship remains only partially verified. No clear credential theft or overtly malicious behavior is shown, so this is not confirmed malware, but it carries medium security risk.

Confidence: 100%Severity: 60%
Audit Metadata
Analyzed At
Jun 14, 2026, 03:29 PM
Package URL
pkg:socket/skills-sh/aliyun%2Falibabacloud-aiops-skills%2Falibabacloud-openclaw-skill-security-scan%2F@d33a0ac3369985c173911dc999bdbae7aa6a1108e2082e9abf8aefde993cf14d
Security Audit — socket — alibabacloud-openclaw-skill-security-scan