openclaw-qqbot-send-skill
Warn
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs users to clone a repository from an unverified GitHub user (ZJunCher), which introduces code from an unauthenticated external source.
- [REMOTE_CODE_EXECUTION]: The skill follows a pattern of cloning an external repository and subsequently executing its internal scripts (such as scripts/stage_media.py) via the agent's environment, which is a primary vector for remote code execution if the repository is malicious.
- [COMMAND_EXECUTION]: The integration examples and usage patterns rely on subprocess.run to execute local Python scripts, providing a mechanism that could be exploited to run arbitrary commands.
- [DATA_EXFILTRATION]: The skill's core purpose is to relay local files to an external service (QQBot). This architectural pattern provides a mechanism for data exfiltration if the agent is instructed to process sensitive files from the local filesystem.
Audit Metadata