baiduqianfangroup

qianfan clawhub

by baidu_qianfan · GitHub ↗ · v1.0.1 · MIT-0
cross-platform · ⚠ suspicious
Downloads: 252 · Stars: 0 · Active Installs: 0 · Versions: 2
Install in OpenClaw: /install qianfan-clawhub
Description
Search and install Baidu Qianfan ecosystem skills with fuzzy matching across slug, name, and description fields
Usage Guidance
This tool largely does what it says: it searches Baidu's appbuilder and downloads skill zip files using your BAIDU_API_KEY. However, the included script will attempt an undocumented HTTP GET to http://localhost:4096/path and use its 'directory' field as the workspace when no workdir is provided; a malicious or compromised local service could point that to sensitive locations and cause files to be written there. Before installing or running:
  1. Read the script and consider removing or modifying the localhost call.
  2. Prefer running with an explicit --workdir you control (avoid relying on the default).
  3. Use a restricted BAIDU_API_KEY with minimal permissions.
  4. Run the tool in a sandboxed environment if possible.
  5. Ask the author/maintainer to document and justify the localhost lookup or remove it.
Capability Analysis
Type: OpenClaw Skill
Name: qianfan-clawhub
Version: 1.0.1
The skill functions as a package manager for the Baidu Qianfan ecosystem, which inherently involves high-risk operations like downloading and executing remote code. A potential Zip Slip vulnerability exists in `scripts/qianfanclawhub.py` because the `install_skill` function does not sufficiently sanitize file paths within downloaded ZIP archives before extraction. Additionally, the script attempts to discover the local environment's directory structure by querying an undocumented local endpoint at `http://localhost:4096/path`.
Capability Assessment
Purpose & Capability
Name/description and required BAIDU_API_KEY align with interacting with Baidu's Qianfan/AppBuilder APIs (the code calls appbuilder.baidu.com endpoints for search/download). Required binary (python3) is reasonable. One mismatch: the SKILL.md and description state a default workspace of ~/.qianfan/workspace, but the code attempts to query http://localhost:4096/path to obtain a directory — this is not documented in the description and expands the skill's capabilities.
Instruction Scope
SKILL.md instructs only search/install and mentions --workdir, but the runtime code will attempt an unauthenticated HTTP GET to http://localhost:4096/path (timeout 5s) and use the returned JSON 'directory' as the skills workspace. That local-network behavior is not described in SKILL.md and can influence where downloaded zip contents are extracted (potentially outside the expected ~/.qianfan path).
Install Mechanism
No install spec (instruction-only skill) and included Python script only; nothing in the manifest downloads arbitrary installers during installation. Risk from installation is low — runtime operations (network download of skill zip and extraction) are the main concern.
Credentials
Only BAIDU_API_KEY is required and used to authenticate requests to the declared Baidu endpoints, which is proportionate. However, because the script may consult a local HTTP endpoint to choose a directory, a local service could cause files to be written into attacker-controlled or sensitive paths — this elevates the impact of giving the skill write access via the API and filesystem.
Persistence & Privilege
Skill does not request always:true and does not change other skills' configs, but it writes downloaded zip contents into a filesystem path which can be chosen by a local HTTP response (see localhost:4096 call). That behavior can lead to extraction into arbitrary locations if a local service controls the returned 'directory', increasing the privilege impact of the skill when run on a host with such a service present.
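The two findings above, unsanitized member paths in `install_skill` and a workspace taken from the localhost:4096 response, both come down to where extracted files end up. The following is an added example of the defensive pattern a reviewer would ask for, not code from qianfan-clawhub: the workspace is chosen only from an explicit --workdir or the documented default (no local HTTP lookup), and every archive member is checked against the workspace root before anything is written. The function names, the constructed sample archives and the DEFAULT_WORKSPACE constant are assumptions made for this example.

```python
import io
import os
import tempfile
import zipfile
from pathlib import Path, PurePosixPath
from typing import Optional

# Assumed default for this example; the listing says SKILL.md documents ~/.qianfan/workspace.
DEFAULT_WORKSPACE = Path.home() / ".qianfan" / "workspace"


def resolve_workdir(workdir: Optional[str]) -> Path:
    """Choose the extraction root from an explicit --workdir or the documented default.

    The http://localhost:4096/path lookup described in the assessment is deliberately
    absent: the workspace comes only from the caller or from the fixed default.
    """
    base = Path(workdir).expanduser() if workdir else DEFAULT_WORKSPACE
    return base.resolve()


def _is_unsafe_member(name: str) -> bool:
    """True if a ZIP member name could land outside the extraction root (Zip Slip)."""
    normalized = name.replace("\\", "/")
    parts = PurePosixPath(normalized).parts
    return (
        not parts                      # empty name
        or normalized.startswith("/")  # absolute POSIX path
        or os.path.isabs(normalized)   # platform-absolute (drive letters on Windows)
        or ".." in parts               # traversal component
        or "\x00" in normalized        # embedded NUL
    )


def unsafe_entries(zip_bytes: bytes) -> list[str]:
    """Pre-flight check: list the member names that would be rejected, without extracting."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return [n for n in zf.namelist() if _is_unsafe_member(n)]


def safe_extract(zip_bytes: bytes, dest: Path) -> list[str]:
    """Extract zip_bytes under dest, refusing any member that resolves outside dest.

    All members are validated before the first write, so a rejected archive leaves the
    workspace untouched. Returns the relative paths that were written.
    """
    root = dest.resolve()
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        bad = [i.filename for i in zf.infolist() if _is_unsafe_member(i.filename)]
        if bad:
            raise ValueError(f"rejected unsafe archive entries: {bad}")
        written: list[str] = []
        for info in zf.infolist():
            target = (root / info.filename.replace("\\", "/")).resolve()
            # Second, filesystem-aware check: also catches escapes via symlinked directories.
            if target != root and root not in target.parents:
                raise ValueError(f"entry escapes workspace: {info.filename!r}")
            if info.is_dir():
                target.mkdir(parents=True, exist_ok=True)
                continue
            target.parent.mkdir(parents=True, exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(str(target.relative_to(root)))
    return written


def build_zip(entries: dict[str, bytes]) -> bytes:
    """Build an in-memory archive from name -> content (constructed sample data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


# Constructed sample archives: a well-formed skill and one carrying Zip Slip entries.
GOOD_ZIP = build_zip({"demo-skill/SKILL.md": b"# demo\n", "demo-skill/scripts/run.py": b"print('hi')\n"})
BAD_ZIP = build_zip({"demo-skill/SKILL.md": b"# demo\n", "../../.bashrc": b"evil\n", "/etc/cron.d/x": b"evil\n"})


def demo() -> dict:
    """Run both archives through safe_extract in a throwaway workspace and report the outcome."""
    with tempfile.TemporaryDirectory() as tmp:
        ws = resolve_workdir(tmp)
        written = safe_extract(GOOD_ZIP, ws)
        try:
            safe_extract(BAD_ZIP, ws)
            bad_rejected = False
        except ValueError:
            bad_rejected = True
        files_after = sorted(str(p.relative_to(ws)) for p in ws.rglob("*") if p.is_file())
        return {"written": sorted(written), "bad_rejected": bad_rejected, "files_after": files_after}


if __name__ == "__main__":
    print("unsafe entries in BAD_ZIP:", unsafe_entries(BAD_ZIP))
    print(demo())
```

`unsafe_entries` is the check to run on a downloaded archive before calling any extraction routine; `safe_extract` validates every member first and only then writes, so a poisoned archive cannot partially land in the workspace. Passing an explicit --workdir through `resolve_workdir` removes the dependence on whatever a local service at port 4096 might answer.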
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install qianfan-clawhub
  3. After installation, invoke the skill by name or use /qianfan-clawhub
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
  - Added support for multi-field fuzzy matching across skill slug, name, and description.
  - Introduced language-aware searching: prefers English keywords, falls back to Chinese if no results.
  - Now requires BAIDU_API_KEY for authenticated access.
  - Updated documentation to reflect new search strategies and requirements.
  - Removed requirements.txt file.
v1.0.0
  - Initial release of qianfan-clawhub.
  - Search and install Baidu Qianfan ecosystem skills using prefix-matching.
  - Install skills to a custom directory with the --workdir option.
  - Supports secure, anonymous access to Baidu Cloud BOS storage.
  - Integrated download, extraction, verification, and installation of skills.
Metadata
Slug: qianfan-clawhub
Version: 1.0.1
License: MIT-0
All-time Installs: 0
Active Installs: 0
Total Versions: 2
Frequently Asked Questions

What is qianfan clawhub?

Search and install Baidu Qianfan ecosystem skills with fuzzy matching across slug, name, and description fields. It is an AI Agent Skill for Claude Code / OpenClaw, with 252 downloads so far.

How do I install qianfan clawhub?

Run "/install qianfan-clawhub" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is qianfan clawhub free?

Yes, qianfan clawhub is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does qianfan clawhub support?

qianfan clawhub is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created qianfan clawhub?

It is built and maintained by baidu_qianfan (@baiduqianfangroup); the current version is v1.0.1.
