安全决策报告

likes-training-planner

Name: likes-training-planner 可信度判断报告
Item: likes-training-planner
Rating: 60
Author: ClawSafe

Legitimate training platform skill with documented but dangerous curl|bash installation pattern that creates supply chain risk. Core functionality is benign with no active malicious behavior detected.

安装决策优先来源: 手动上传扫描时间: 2026/4/4

文件 45

IOC 9

越权项 0

发现 2

最直接的威胁证据

User executes curl|bash installation from documentation delivery · README.md

Remote install.sh script executes with user privileges exploitation · install.sh

Malicious install.sh could be served if repository is compromised, executing arbitrary code impact_potential · install.sh

为什么得出这个结论

2/4 个维度触发

通过

声明与实际能力

声明资源与推断能力基本一致。

阻止

隐藏执行与外联

提取到 2 个高危 IOC 或外联信号。

阻止

攻击链与高危发现

报告包含 3 步攻击链，另有 0 项高危或严重发现。

复核

依赖与供应链卫生

没有完整依赖信息，供应链判断需要保留弹性。

攻击链

User executes curl|bash installation from documentation

delivery · README.md:37

Remote install.sh script executes with user privileges

exploitation · install.sh:1

Malicious install.sh could be served if repository is compromised, executing arbitrary code

impact_potential · install.sh

风险分是怎么被拉高的

curl|bash installation pattern +30

SKILL.md and README recommend piping curl to bash for installation. This allows remote server to execute arbitrary code. Found in README.md:35, SKILL.md:308, README.en.md:35

Supply chain risk +10

Installation pulls from gitee.com/chenyinshu and github.com/chenwynn. These repositories could be compromised to serve malicious install.sh at any time

最关键的证据

中危供应链

Dangerous curl|bash installation pattern

SKILL.md and README files recommend 'curl -fsSL <url> | bash' for installation. This pattern allows the remote server to execute arbitrary code on the user's machine. While the current install.sh is benign, the repository could be compromised to serve malicious code.

README.md:37

Replace with manual download instructions or use signed package verification. Consider providing SHA256 checksums for verification.

中危供应链

Multiple remote installation sources

Skill provides installation instructions from both Gitee and GitHub. Both sources are third-party and could be independently compromised.

likes-training-planner/SKILL.md:297

Use a single trusted source with integrity verification.

声明能力 vs 实际能力

文件系统 通过

声明 WRITE

→

推断 WRITE

SKILL.md declares node scripts that write config/output files to ~/.openclaw/

网络访问 通过

声明 READ

→

推断 READ

SKILL.md declares LIKES_API_KEY requirement; scripts make HTTPS API calls to my.likes.com.cn

命令执行 通过

声明 WRITE

→

推断 WRITE

SKILL.md documents node script execution (node scripts/*.cjs)

环境变量 通过

声明 READ

→

推断 READ

Scripts read LIKES_API_KEY from process.env only - legitimate use

可疑产物与外联

严重危险命令

curl -fsSL https://gitee.com/chenyinshu/likes-training-planner/raw/main/install.sh | bash

README.en.md:35

严重危险命令

curl -fsSL https://raw.githubusercontent.com/chenwynn/likes-training-planner/main/install.sh | bash

likes-training-planner/SKILL.md:297

中危外部 URL

https://gitee.com/chenyinshu/likes-training-planner/raw/main/install.sh

README.en.md:35

中危外部 URL

https://gitee.com/chenyinshu/likes-training-planner/releases/latest/download/likes-training-planner.skill

README.en.md:43

中危外部 URL

http://127.0.0.1:18789

README.en.md:56

中危外部 URL

https://my.likes.com.cn

README.en.md:63

中危外部 URL

https://gitee.com/chenyinshu/likes-training-planner

README.en.md:276

中危外部 URL

https://gitee.com/chenyinshu/likes-training-planner/releases

README.en.md:277

中危外部 URL

https://my.likes.com.cn/api/open

likes-training-planner/references/api-docs.md:8

依赖与供应链

没有结构化依赖告警。

文件构成

45 个文件 · 9197 行

JavaScript 31 个文件 · 5646 行Markdown 11 个文件 · 3401 行Shell 3 个文件 · 150 行

需关注文件 · 4

likes-training-planner/references/api-docs.md Markdown · 484 行

https://my.likes.com.cn/api/open

README.en.md Markdown · 314 行

curl -fsSL https://gitee.com/chenyinshu/likes-training-planner/raw/main/install.sh | bash · https://gitee.com/chenyinshu/likes-training-planner/raw/main/install.sh · https://gitee.com/chenyinshu/likes-training-planner/releases/latest/download/likes-training-planner.skill · http://127.0.0.1:18789 · https://my.likes.com.cn · https://gitee.com/chenyinshu/likes-training-planner · https://gitee.com/chenyinshu/likes-training-planner/releases

README.md Markdown · 316 行

Dangerous curl|bash installation pattern

likes-training-planner/SKILL.md Markdown · 298 行

Multiple remote installation sources · curl -fsSL https://raw.githubusercontent.com/chenwynn/likes-training-planner/main/install.sh | bash

其他文件 · push_plans.cjs · push_plans.cjs · api-docs.md · SKILL.md · fetch_activities.cjs · fetch_activities.cjs +2

45 文件 · 248.8 KB · 9197 行

JavaScript 31f · 5646LMarkdown 11f · 3401LShell 3f · 150L

├─ ▾ 📁 likes-training-planner

│ ├─ ▾ 📁 references

│ │ ├─ 📝 api-docs.md Markdown 484L · 11.8 KB

│ │ ├─ 📝 code-format.md Markdown 207L · 4.2 KB

│ │ └─ 📝 sport-examples.md Markdown 268L · 6.5 KB

│ ├─ ▾ 📁 scripts

│ │ ├─ 📜 add_feedback_comment.cjs JavaScript 190L · 5.3 KB

│ │ ├─ 📜 analyze_data.cjs JavaScript 162L · 4.5 KB

│ │ ├─ 📜 bot-config.cjs JavaScript 209L · 5.0 KB

│ │ ├─ 📜 bot-router.js JavaScript 52L · 2.0 KB

│ │ ├─ 📜 configure.cjs JavaScript 89L · 2.2 KB

│ │ ├─ 📜 fetch_ability.cjs JavaScript 240L · 8.0 KB

│ │ ├─ 📜 fetch_activities.cjs JavaScript 287L · 8.4 KB

│ │ ├─ 📜 fetch_feedback.cjs JavaScript 247L · 7.1 KB

│ │ ├─ 📜 fetch_game.cjs JavaScript 193L · 5.2 KB

│ │ ├─ 📜 fetch_games.cjs JavaScript 175L · 4.7 KB

│ │ ├─ 📜 fetch_plans.cjs JavaScript 179L · 4.6 KB

│ │ ├─ 📜 get_activity_detail.cjs JavaScript 202L · 5.8 KB

│ │ ├─ 📜 preview_plan.cjs JavaScript 204L · 5.5 KB

│ │ ├─ 📜 push_plans.cjs JavaScript 321L · 10.4 KB

│ │ ├─ 📜 push_plans.js JavaScript 128L · 3.3 KB

│ │ ├─ 🔧 push_plans.sh Shell 18L · 529 B

│ │ └─ 📜 set-config.cjs JavaScript 65L · 1.6 KB

│ └─ 📝 SKILL.md Markdown 298L · 8.0 KB

├─ ▾ 📁 references

│ ├─ 📝 api-docs.md Markdown 416L · 9.8 KB

│ ├─ 📝 code-format.md Markdown 207L · 4.2 KB

│ └─ 📝 sport-examples.md Markdown 268L · 6.5 KB

├─ ▾ 📁 scripts

│ ├─ 📜 add_feedback_comment.cjs JavaScript 190L · 5.3 KB

│ ├─ 📜 analyze_data.cjs JavaScript 162L · 4.5 KB

│ ├─ 📜 bot-config.cjs JavaScript 209L · 5.0 KB

│ ├─ 📜 bot-router.js JavaScript 52L · 2.0 KB

│ ├─ 📜 configure.cjs JavaScript 89L · 2.2 KB

│ ├─ 📜 fetch_activities.cjs JavaScript 287L · 8.4 KB

│ ├─ 📜 fetch_feedback.cjs JavaScript 247L · 7.1 KB

│ ├─ 📜 fetch_game.cjs JavaScript 193L · 5.2 KB

│ ├─ 📜 fetch_games.cjs JavaScript 175L · 4.7 KB

│ ├─ 📜 fetch_plans.cjs JavaScript 179L · 4.6 KB

│ ├─ 📜 get_activity_detail.cjs JavaScript 202L · 5.8 KB

│ ├─ 📜 preview_plan.cjs JavaScript 204L · 5.5 KB

│ ├─ 📜 push_plans.cjs JavaScript 321L · 10.4 KB

│ ├─ 📜 push_plans.js JavaScript 128L · 3.3 KB

│ ├─ 🔧 push_plans.sh Shell 18L · 529 B

│ └─ 📜 set-config.cjs JavaScript 65L · 1.6 KB

├─ 📝 README.en.md Markdown 314L · 8.7 KB

├─ 📝 README.md Markdown 316L · 8.4 KB

├─ 📝 README.zh.md Markdown 314L · 8.4 KB

├─ 📝 SKILL.md Markdown 309L · 8.4 KB

└─ 🔧 install.sh Shell 114L · 3.6 KB

安全亮点

Core scripts (fetch_activities, push_plans, analyze_data) are well-written and legitimate

API calls use HTTPS to known endpoint (my.likes.com.cn)

No credential harvesting - only accesses LIKES_API_KEY for the training platform

No base64 encoding, obfuscation, or eval() patterns found

No access to ~/.ssh, ~/.aws, or other sensitive credential paths

No data exfiltration to unknown IPs

No reverse shell or RCE capabilities

Configuration properly scoped to skill-specific file (~/.openclaw/likes-training-planner.json)