      meituan-openplatform

      Safety Report

      Meituan Red Packet Assistant (美团红包助手)

      @meituan-openplatform

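      [Official Meituan] Meituan Red Packet Assistant. Supports one-click claiming of coupons, red packets and "god coupons" (神券) across multiple categories, including food delivery, restaurant group-buying, hotels and accommodation, tickets and vacations, leisure and entertainment, flash shopping (闪购) and pharmacy, plus lookup of historical claim records. Core capabilities: 1) one-click coupon claiming covering the categories above, credited within seconds; 2) querying historical red packet claim records, including the status and validity period of claimed red packets; 3) built-in official Meituan account authentication, so logging in is enough to claim coupons. Important note: if multiple Meituan...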

      296 Downloads
      0 Installs
      0 Stars
      11 Versions

      Security Analysis

      medium confidence
      Suspicious · 0.08 risk

      The skill's code and runtime instructions broadly match a Meituan coupon helper, but it performs filesystem migration of shared auth files, reads/writes cross-skill cache, and can create scheduled jobs — behaviors that go beyond a simple 'click-to-get-coupon' helper and merit caution.

      Apr 30, 2026 · 10 files · 4 concerns

      Purpose & Capability: note

      Name/description match the scripts: auth.py, issue.py, query.py implement login, issue, and query flows against Meituan endpoints. However, the skill probes and migrates legacy auth/token files across multiple workspace locations and uses a shared cache CLI (.shared/mt_auth_tokens.json) which is broader than a single-skill private store; this cross-skill token access is explainable (to reuse existing login) but is noteworthy and not strictly minimal.

      Instruction Scope: concern

      SKILL.md directs the agent to execute local Python scripts, check/modify workspace paths, create platform cron jobs (via CronCreate/RemoteTrigger/openclaw commands), and extract user IDs from inbound context. The scripts perform migrations, read legacy files (~/.xiaomei-workspace, ~/.openclaw/workspace/auth_tokens.json), and write shared cache files. These file and cross-platform scheduling operations expand scope beyond just calling Meituan APIs and could surface or reuse unrelated tokens or create autonomous scheduled actions.

      Install Mechanism: ok

      No external install spec; code is shipped with the skill and SKILL.md runs local scripts. No remote downloads or package installation steps were found, so install mechanism risk is low. The runtime still executes subprocesses and writes files (via included CLI), so execution risk exists but installation itself is benign.

      Credentials: concern

      The skill requires no declared env vars, but the code reads/writes shared auth/token stores and multiple legacy paths (including other platform default auth files). It will migrate whatever tokens it finds into its shared cache and uses phone_masked/user_token values. Accessing and migrating tokens stored for other skills or in legacy locations is more privilege than expected for a single-purpose coupon retriever and could expose unrelated credentials if present in those locations.

      Persistence & Privilege: note

      The skill does not set always:true, but it can create persistent scheduled jobs across platforms (cron entries via platform-specific commands) and write persistent data (auth tokens, history) into the user's workspace/.shared cache. This persistence is plausible for an 'auto-claim daily coupon' feature, but it increases the blast radius because the skill can run autonomously at scheduled times and read/write shared token files.

      Guidance

      This skill largely implements what it claims (login, one-click issue, query), but it also searches for and migrates auth/token files across multiple workspace locations and writes to a shared cache (mt_auth_tokens.json). Before installing or enabling automatic cron behavior:
      1) inspect the included scripts yourself or in a sandbox to confirm they only access the Meituan tokens you expect;
      2) consider setting SKILL_CACHE_WORKSPACE or XIAOMEI_AUTH_FILE to an isolated directory so the skill won't read/write your broader agent workspace;
      3) avoid enabling automatic daily cron until you trust the environment (or prefer manual '领券' (claim coupon) triggers);
      4) verify the contents of any mt_auth_tokens.json/legacy auth files on disk to ensure no unrelated secrets will be migrated;
      5) if you need higher assurance, run this skill in an isolated account/container or decline installation.
      If you want, I can point out the exact lines that read/migrate legacy token files and where the skill writes shared cache so you can review them.

      Latest Release

      v1.0.10

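      - Added the --auto one-click mode: agreement and login checks run up front, and coupon issuing/query completes in one step, greatly improving response efficiency
      - Clarified Critical Rule #12: automatically triggering login is prohibited; the phone number must be actively entered by the user in the current session and must not be reverse-derived from the masked number
      - Adjusted local storage and script invocation logic: only the masked phone number is saved; the full phone number is no longer saved or concatenated
      - README (SKILL.md) now documents both the step-by-step and one-click flows; it recommends using --auto first and falling back to the degraded flow only on failure
      - Refined references/response-copy.md and related copy and detail constraints to ensure user experience and compliance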

      Published by @meituan-openplatform on ClawHub
