xc-xiaov

唯品会专属 AI 购物助手“小v”。当用户提及购物、穿搭建议、时尚趋势或特定商品搜索时，小v 会动态调用内部子技能提供商品推荐、详情查询及促销活动。

Plain-language recommendations before installing or enabling this skill: - Understand what will be installed: the skill tells the agent to install a global npm package 'vipshop-cli@latest' if it's not present. Installing arbitrary npm packages globally changes your system and can execute code with your user privileges — verify the package's publisher, source code, and npm page before allowing installation. - Review automatic login behavior: the skill mandates automatically triggering 'vipshop login', returning the QR link and local QR image path, and polling the login status every 3 seconds (up to 10 times). This means the agent will interact with your local filesystem and account login artifacts; if you don't want the agent to auto-initiate authentication flows, don't grant it permission or ask the agent to require explicit consent first. - Local data exposure: the skill instructs returning local image file paths/content and reads login state (mars_cid, cookies). That can reveal filesystem structure or tokens. If you must use the skill, run it in a sandboxed environment or ensure the vipshop-cli stores credentials in a place you're comfortable sharing with the agent. - Safer alternatives: pre-install and inspect vipshop-cli yourself (review code, confirm maintainer) and only then allow the agent to use it. Prefer manual login workflow (user triggers login) rather than fully automated login/polling by the agent. - If you choose to proceed: limit scope — do not allow automatic global installs, require explicit user consent before login, and monitor what files the agent reads or posts to chat. Consider running the CLI in an isolated container or VM if you cannot verify the upstream package. - Additional information that would reduce concern: the actual source code or a verified homepage for 'vipshop-cli' (so you can audit it), or a packaged install spec included with the skill that pins a specific vetted release instead of asking to install '@latest'.

Type: OpenClaw Skill Name: xc-xiaov Version: 1.0.4 The skill bundle mandates high-risk behaviors by instructing the AI to globally install an external NPM package (`npm install -g vipshop-cli`) and automatically initiate login and status-polling sequences without explicit user confirmation for each step. These instructions, found in the SKILL.md files for 'vipshop-product-detail' and 'vipshop-product-search', create a significant attack surface by forcing the execution of external code and automated credential handling. While the functionality is aligned with a shopping assistant for Vipshop (referencing legitimate domains like mapi-pc.vip.com), the requirement for global software installation and the directive for the AI to 'automatically trigger' processes without user intervention are high-risk patterns that could be exploited if the external CLI tool is compromised.