Antom Intelligent Assistant - Central control for all Antom-related requirements, intelligently analyzes user intent and delegates to the Payment Success Rat...
Security Analysis
medium confidence
The skill mostly does what it claims (pull PSR data, analyze, generate PDF, send email) but contains several internal inconsistencies and missing metadata that warrant caution before installation.
Name/description and included scripts align with a Payment Success Rate reporting capability: query data, analyze/generate PDF, and email reports. That functionality reasonably requires a merchant credential and SMTP credentials. However there are inconsistencies across the package (different document endpoints mentioned in SKILL.md vs. the actual API endpoint in the query script), and the registry metadata does not declare the sensitive credentials the code actually needs (merchant_token and SMTP password).
Runtime instructions require a local config file (~/antom/conf.json or %USERPROFILE%\antom\conf.json) containing merchant_token and full email_conf (including SMTP password). The code reads this file and uses the merchant_token to POST to an external API and uses SMTP credentials to send mail — these actions are consistent with the stated purpose. Concerns: (1) the payment_expert SKILL.md lists an AlipayPlus/ibotservice endpoint but the query script posts to https://antomaplusai.antom.com/... — mismatched endpoints should be verified; (2) some scripts enforce different data-validity rules (one allows card OR apm, another requires both), indicating sloppy/contradictory logic; (3) SKILL.md references convenience scripts (./generate_today_report.sh) that are not included.
This is instruction-only / scripts-only with no install spec. Dependencies are listed in requirements.txt (requests, matplotlib, reportlab, numpy) which matches the code (HTTP calls, plotting, PDF generation). No downloads from unknown URLs and nothing is written to system-wide locations beyond the user's ~/antom folder. This is a lower install risk, but the package will write and read files under the user's home directory.
The skill requires (via its instructions and code) sensitive secrets: a merchant_token and SMTP credentials (username and password/app-password) stored in a local conf.json. These secrets are necessary for the advertised functionality, so they are proportionate in purpose — but the skill's registry metadata does not declare these requirements (no required env vars, primary credential, or config-path declarations). The lack of declared credentials in metadata reduces transparency and is a security/operational concern. Also the code will cause those secrets to be used to contact external endpoints and to log into SMTP, so users should be aware.
The skill does not request 'always: true' and is user-invocable; it does not attempt to modify other skills or system-wide settings. Its persistence is limited to creating/reading files within ~/antom (or %USERPROFILE%\antom on Windows).
Guidance
This skill appears to implement the advertised reporting pipeline, but several things don't add up and you should verify before installing or providing secrets:
- Confirm the API endpoint(s): the payment_expert SKILL.md mentions an AlipayPlus endpoint, but the query script uses https://antomaplusai.antom.com/... — verify which domain is legitimate for your merchant account before giving a merchant_token.
- The skill requires a conf.json with merchant_token and full SMTP credentials (including your email password or app-specific password). These are sensitive; only provide them if you trust the code and domain. Consider using an app-specific email password and a least-privilege mailbox.
- Metadata omission: the registry lists no required credentials or config paths even though the scripts depend on conf.json. This reduces transparency — treat that as a red flag.
- Inconsistencies in code: different scripts have different data-validation rules and the package references helper scripts (generate_today_report.sh) that are not present, which suggests sloppy packaging. Test in an isolated environment first (e.g., VM or container) and review the full source yourself.
- Audit network behavior: run the query script in a controlled environment and inspect outbound requests to ensure data is sent only to the expected Antom domain. If possible, verify domain ownership (DNS, TLS certs) or ask the vendor for authoritative documentation.

If you decide to use it: do so in an isolated/limited environment, back up critical data, limit SMTP credential scope, and verify endpoints and code integrity. If you cannot verify the domain or code author, treat providing credentials as high risk.
Latest Release
v2.0.6
Version 2.0.6 of antom-copilot
- No file changes detected for this release.
- All features and documentation remain unchanged.
Published by @miscocox on ClawHub