ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cat Face Recognition Skill | 猫脸识别技能

v1.0.0

Dentifies specific cats by comparing images or videos of their faces. It supports distinguishing between different individuals in multi-cat households, ensur...

0· 33·0 current·0 all-time
bysmyx-skills@18072937735
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill is labeled a 'Cat Face Recognition' skill but the SKILL.md and code are clearly copy-pasted from other domains: text refers to bird recognition (500 species) and a TCM face-diagnosis skill, and many modules (face_analysis, smyx_common) implement generic AI/health analysis rather than a focused cat-only capability. That mismatch suggests sloppy composition or repackaging and raises doubt whether all included files are necessary or relevant to the claimed purpose.
!
Instruction Scope
Runtime instructions require reading local config files (skills/smyx_common/scripts/config.yaml or workspace config) to obtain an 'open-id', auto-save uploaded attachments into the skill directory, and insist scripts be run from the skill root. SKILL.md also contains a contradictory 'absolute prohibition' against reading local memory/LanceDB yet the skill explicitly reads local config and can create local DB files. The skill will perform file I/O (save attachments, create DB under workspace/data) and network calls to external APIs — these are beyond a benign 'image-only' classifier and are not reflected in the declared requirements.
Install Mechanism
There is no install spec (instruction-only according to metadata) but the package actually includes many Python modules and large dependency lists in skills/smyx_common/requirements.txt and skills/face_analysis/requirements.txt. That mismatch means dependencies will not be automatically installed by the skill manifest; to run it the environment will need many packages, and the included requirements contain a broad set of libraries. Absence of an install spec combined with many code files is an operational mismatch and increases surprise/risk if executed without preparing an isolated environment.
!
Credentials
The skill declares no required env vars, but the code reads environment values (OPENCLAW_WORKSPACE, OPENCLAW_SENDER_OPEN_ID, OPENCLAW_SENDER_USERNAME, FEISHU_OPEN_ID) and uses local config files for API base URLs and keys. The SKILL.md enforces obtaining an 'open-id' by reading local config files or asking the user — it forbids fabricating an open-id. The skill may accept an optional API key / api-url parameter; default base URLs in smyx_common point to external domains. Requesting/using these local envs and config files is not proportional to the simple 'cat-face' description and is not declared in metadata.
Persistence & Privilege
always:false (no forced global presence) which is appropriate. However, the code will create/modify files: YamlUtil can create config.yaml if absent, Dao will create a SQLite DB under workspace/data, and the skill will save uploaded attachments into its attachments directory. The skill therefore establishes on-disk persistence and local state even though metadata and SKILL.md emphasize fetching reports from cloud — this behavior should be expected and reviewed before use.
What to consider before installing
This package is internally inconsistent and should be treated with caution. Specific issues: (1) Documentation and code are mixed from different features (cat recognition, bird recognition, TCM face analysis), which suggests copy-paste or repackaging rather than a focused tool. (2) The runtime instructions rely on reading local config files and environment variables (OPENCLAW_WORKSPACE, OPENCLAW_SENDER_OPEN_ID, etc.) and will write files (attachments, config.yaml, a SQLite DB under workspace/data). (3) The skill calls external APIs using base URLs present in included config YAMLs — those endpoints are outside your control and could receive uploaded images/videos. Before installing, consider: run the skill in an isolated environment (container/VM), inspect and if needed modify the config.yaml to point to safe/test endpoints, do not provide sensitive credentials or production workspace values, and ask the author/source for a clear explanation of why unrelated modules are included and exactly which network endpoints will be contacted. If you cannot verify the origin or purpose, avoid installing on a device with sensitive data or network access.
!
skills/smyx_common/scripts/config-dev.yaml:2
Install source points to URL shortener or raw IP.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.

Like a lobster shell, security has layers — review code before you run it.

latestvk979y6mkwg3g2rga6fm4kc7zm584vqc5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments