kami-conflict-detection
ReviewAudited by ClawScan on May 13, 2026.
Overview
The skill’s behavior matches its surveillance purpose, but it will continuously process camera/video footage, send selected frames to a remote Kami API, and use sensitive keys or webhooks.
Before installing, confirm you are authorized to monitor the chosen camera or video, understand that frames may be sent to Kami’s cloud API, use fresh/limited credentials, consider pinning dependencies, and set a runtime or clear stop procedure if you do not want continuous monitoring.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Images from the monitored video source may leave the local machine for remote analysis.
The skill sends frames from camera streams or local videos to an external analysis provider. This is disclosed and central to the skill, but the footage may be privacy-sensitive.
when 2+ people are detected, collects multiple frames and sends them to the Kami detection API for conflict analysis
Use this only on video sources you are authorized to monitor, review Kami’s privacy/retention terms, and avoid using it in private areas without consent.
Anyone with access to these secrets could potentially use the related Kami or Feishu integration within its allowed scope.
The skill requires a Kami API key and can optionally use a Feishu webhook secret. These credentials are purpose-aligned, but they are sensitive account or integration secrets.
`--kami_api_key` | *(required)* | Kami API key (also via env `KAMI_API_KEY`) ... `--feishu_secret` | *(env `FEISHU_WEBHOOK_SECRET`)*
Provide only the intended key or webhook, keep secrets out of shared chats/logs where possible, and rotate them if exposed.
If started without a clear stop condition, monitoring may continue longer than expected.
The skill is designed to restart after alerts and continue monitoring. This persistence is disclosed and aligned with surveillance monitoring, but users should intentionally choose when it runs.
OpenClaw reads the alert, reports to the user in chat, then automatically restarts the script for continuous monitoring
Set `--run_time` when appropriate and make sure you know how to stop the OpenClaw monitoring loop.
A future dependency version change could alter behavior or introduce vulnerabilities.
Dependencies are listed without pinned versions, and setup installs them into a virtual environment. This is common for Python skills but gives less reproducibility and supply-chain assurance.
onnxruntime opencv-python-headless numpy requests ultralytics
Prefer pinned dependency versions or install in an isolated environment you can review and update deliberately.