Skill v1.0.1

ClawScan security

glm-v-model · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 10, 2026, 5:54 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill is plausibly what it claims (a GLM visual-model caller) but contains inconsistencies and minor misconfigurations (missing declared API env var, hardcoded example paths, and a buggy helper script) that warrant caution before use.
Guidance
This skill appears to do what it claims (call Zhipu GLM visual models), but there are several things to check before installing or using it:

- Expect that the skill needs an API key (ZHIPU_API_KEY) even though the registry metadata doesn't list it. Provide the key only if you trust the Zhipu/bigmodel.cn service and understand their data handling.
- Images (and possibly video) will be transmitted to a third-party API. Do not send sensitive or private images unless you are comfortable with that provider's privacy/retention policy.
- The included helper script and examples contain issues: a hardcoded user path in an example, and a likely bug where the script calls img.read() but SKILL.md suggests passing filenames. Treat the script as untrusted code and inspect/modify it before running.
- The SDK (zai-sdk) is installed via pip per the comments. Review the package source/version (e.g., on PyPI or the vendor site) before installing to ensure it's legitimate.

Recommended actions: ask the publisher to update the registry metadata to list ZHIPU_API_KEY (and any other required env vars), remove or fix hardcoded paths/examples, and correct the script's file-handling behavior. If you cannot verify the publisher/SDK, avoid sending private images or run the code in an isolated environment.

Review Dimensions

Purpose & Capability
note
The name, description, SKILL.md examples, and the Python helper all target calling Zhipu/GLM-4V/4.6V visual models (image/video understanding). Requiring an API key to call an external model provider is expected. However, the registry metadata declares no required environment variables while both the SKILL.md and the script state an API key is needed (ZHIPU_API_KEY). This mismatch between declared requirements and actual use is a discrepancy to resolve.
Instruction Scope
note
Instructions direct the agent to read local image files or URLs and send them to the GLM service, which matches the stated functionality. Concerns: (1) SKILL.md contains an example that appends an absolute, user-specific path (/Users/guobaokui/...) to sys.path — this is an unsafe, non-portable example and unnecessary. (2) The provided script's expected input is ambiguous/buggy: it expects objects with .read() for local images but the SKILL.md example calls glm_v(['image.jpg'], ...) (a filename string), which will break. (3) The skill will transmit image data to a third-party API (Zhipu); that is expected but privacy-sensitive.
Install Mechanism
ok
No install spec is included (instruction-only plus a helper script). Comments suggest installing the 'zai-sdk' via pip — a normal, low-risk package manager step. No downloads from arbitrary URLs or extract steps are present.
Credentials
concern
The code reads ZHIPU_API_KEY from the environment to authenticate to the external service, which is proportionate to the skill's purpose. The concern is that the skill's registry metadata does not list this required environment variable (or any primary credential). The missing declaration is misleading and could cause users to overlook the need to provide credentials and to recognize that data will be sent to a third party.
Persistence & Privilege
ok
The skill is not marked always:true, does not request system-wide config paths, and does not modify other skills. It runs as an invoked skill and requires an external API key — no excessive persistence or elevated privileges are requested.