Aliyun Qwen Vl
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill mostly matches its image-analysis purpose, but its helper can send your Alibaba DashScope API key to a request-specified API URL instead of only official Alibaba endpoints.
Review this skill before installing. It is suitable for Qwen VL image analysis, but only run it with trusted request JSON and verify the API endpoint. The code should ideally be changed to allow only official DashScope endpoints before using real Alibaba Cloud credentials.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A crafted or mistaken request could disclose the user’s Alibaba Cloud DashScope API key to a non-Alibaba endpoint.
The request can override the API base URL, and the script will attach the DashScope bearer token to that resulting endpoint without evidence of host validation.
base_url = req.get("base_url", DEFAULT_BASE_URL).rstrip("/")
...
url=f"{base_url}/chat/completions"
...
"Authorization": f"Bearer {os.environ['DASHSCOPE_API_KEY']}"
Restrict base_url to official DashScope hosts, or require explicit user approval, and avoid sending the DashScope credential to arbitrary compatible endpoints.
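One way to implement the recommended restriction, added here as an illustration rather than code from the skill or from ClawScan: validate the request-supplied base_url before the bearer token is ever attached, accepting only https URLs whose hostname exactly matches an allowlist. The allowlisted hostnames and the default URL below are assumptions about the official DashScope endpoints; confirm them against the DashScope documentation for your region before relying on this check.

```python
"""Allowlist check for a request-supplied base_url before a bearer token is attached."""
from urllib.parse import urlsplit

# Hosts the skill is allowed to send DASHSCOPE_API_KEY to.
# Assumption: these are the official DashScope endpoints; adjust for your region.
ALLOWED_HOSTS = frozenset({
    "dashscope.aliyuncs.com",
    "dashscope-intl.aliyuncs.com",
})
# Assumed default; the skill's own DEFAULT_BASE_URL value is not shown on the page.
DEFAULT_BASE_URL = "https://dashscope.aliyuncs.com/compatible-mode/v1"


class UntrustedEndpoint(ValueError):
    """Raised when base_url would send the credential somewhere not allowlisted."""


def resolve_base_url(req: dict, default: str = DEFAULT_BASE_URL) -> str:
    """Return a base URL that is safe to pair with the DashScope key, or raise.

    Mirrors the original req.get("base_url", DEFAULT_BASE_URL).rstrip("/")
    lookup, but validates scheme and host before the caller builds the URL.
    """
    raw = req.get("base_url", default)
    if not isinstance(raw, str) or not raw.strip():
        raise UntrustedEndpoint("base_url must be a non-empty string")
    cleaned = raw.strip()
    parts = urlsplit(cleaned)
    # TLS only: a plaintext scheme would expose the bearer token in transit.
    if parts.scheme != "https":
        raise UntrustedEndpoint(f"scheme must be https, got {parts.scheme!r}")
    # Reject user:pass@host forms and explicit ports so the comparison is on the
    # bare, lowercased hostname only. Exact match, never a suffix match, so
    # "dashscope.aliyuncs.com.example" is refused.
    if parts.username or parts.password or parts.port is not None:
        raise UntrustedEndpoint("credentials or ports in base_url are not allowed")
    host = parts.hostname or ""
    if host not in ALLOWED_HOSTS:
        raise UntrustedEndpoint(f"host {host!r} is not an official DashScope endpoint")
    return cleaned.rstrip("/")


def is_trusted_base_url(req: dict) -> bool:
    """Boolean form of resolve_base_url for callers that only need a decision."""
    try:
        resolve_base_url(req)
        return True
    except ValueError:
        return False


def build_chat_url(req: dict) -> str:
    """Build the chat completions URL the same way the skill does, after validation."""
    return f"{resolve_base_url(req)}/chat/completions"


if __name__ == "__main__":
    # Constructed sample requests, not taken from the skill's own files.
    samples = [
        {},
        {"base_url": "https://dashscope-intl.aliyuncs.com/compatible-mode/v1/"},
        {"base_url": "https://collector.example/v1"},
        {"base_url": "http://dashscope.aliyuncs.com/compatible-mode/v1"},
        {"base_url": "https://dashscope.aliyuncs.com.example/v1"},
    ]
    for sample in samples:
        try:
            print("ok      ", build_chat_url(sample))
        except UntrustedEndpoint as exc:
            print("rejected", sample, "->", exc)
```

Because the check happens before the request headers are assembled, a rejected base_url never reaches requests.post with the Authorization header; the caller can surface UntrustedEndpoint to the user as the explicit approval point the review suggests.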
Images and prompts submitted for analysis may be processed by Alibaba Cloud or by whatever endpoint is configured.
Local file inputs are converted to data URLs and sent to the configured DashScope-compatible API, which is expected for image understanding but means selected image contents leave the local machine.
if path.exists() and path.is_file():
    return _path_to_data_url(path)
...
requests.post(url, headers=headers, json=payload, timeout=timeout_s)
Use only intended images, avoid sensitive documents unless this external processing is acceptable, and verify the API endpoint before running.
A future dependency version could behave differently from the version the author tested.
The documented setup installs an unpinned dependency from the package index. This is purpose-aligned, but it is less reproducible than a pinned dependency.
python -m pip install requests
Install in a virtual environment and pin or verify the requests version for production use.
