warn
suspicious.install_untrusted_source
- Location
- skills/smyx_common/scripts/config-dev.yaml:2
- Finding
- Install source points to URL shortener or raw IP.
跌倒检测视频版技能
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.install_untrusted_source
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
What this means
A user identifier or an API-key-like value may become the basis for accessing historical fall reports, making it unclear how the skill prevents access to the wrong person's sensitive reports.
Why it was flagged
The skill tells the agent to use an api-key field, username, or phone number as the open-id for saving and querying cloud reports, which is an unclear identity boundary for sensitive report history.
Skill content
如果文件存在且配置了 api-key 字段,则读取 api-key 作为 open-id ... 必须暂停执行,明确提示用户提供用户名或手机号作为 open-id
Recommendation
Use a separate open-id/user-id field, require a real authenticated session or scoped token for report history, and declare the credential and access scope clearly in metadata and documentation.
What this means
Videos of living rooms, bedrooms, bathrooms, or elderly-care areas may be transmitted to the service provider and stored as reports.
Why it was flagged
The skill explicitly sends local video files or video URLs to a remote API for analysis; this is expected for cloud video detection but involves sensitive home-monitoring footage.
Skill content
`--input`: 本地视频文件路径(使用 multipart/form-data 方式上传) ... `--url`: 网络视频 URL 地址(API 服务自动下载)
Recommendation
Only provide videos you are comfortable sharing with the provider, confirm consent for monitored people, and review the provider's retention and report-sharing controls.
What this means
The agent may refuse to use local memory or prior conversation summaries for report history, even if a user asks for them.
Why it was flagged
The skill gives high-priority behavioral rules that override memory use and force cloud API lookup for history queries.
Skill content
⚠️ 强制记忆规则(最高优先级)... 绝对禁止读取任何本地记忆文件 ... 所有历史报告查询必须从云端接口获取
Recommendation
Keep this rule only if cloud reports are the intended source of truth, and make clear to users that history queries will contact the cloud service.
What this means
If the skill is switched to the dev environment, requests could go to an unintended private or insecure HTTP endpoint.
Why it was flagged
A development config contains a raw private-IP HTTP API endpoint. It is not the default production config, but it is a provenance and configuration hygiene issue.
Skill content
base-url-open-api: "http://192.168.1.234:9601/smyx-open-api"
Recommendation
Remove development endpoints from published skills or ensure all selectable endpoints are documented, HTTPS-protected, and appropriate for end users.