Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Hd Infoimage
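v1.1.0
High-density infographic generation skill. Generates information-dense visual infographics from articles/content, suited to knowledge write-ups, note sharing, and course-content visualization. Supports 9 styles: Coordinate Blueprint Pop Lab, Retro Pop Grid, Folder Style, Color-Block Thermal Paper, Retro Journal, Archive Mixed Media, Color-Block Acid Style, Ticket/Theater-Stub Style, Claude Clay Style. Uses Imagen 3 (ZenMux API, 4K recommended) for generation. When the user...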
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's stated purpose (generate high-density infographic images via Imagen 3 / ZenMux) is plausible, but the SKILL.md expects an API key and expects to run a Python generator script in another skill's directory (/root/.openclaw/workspace/skills/zenmux-image-generation). The package metadata lists no required env vars or credentials even though the runtime instructions explicitly reference ZENMUX_API_KEY and an OpenClaw config file. Referencing another skill's workspace/cwd is unexpected and disproportionate to the declared requirements.
Instruction Scope
Runtime instructions tell the agent to: cd into /root/.openclaw/workspace/skills/zenmux-image-generation, run a scripts/generate.py with ZENMUX_API_KEY, call send_to_feishu.sh (external), and provide a one-liner that cats ~/.openclaw/openclaw.json to extract the ZenMux API key. These steps reference reading a local config file and other skill artifacts and sending outputs via an out-of-skill script — actions that go beyond 'just produce a prompt' and could expose secrets or depend on files not included with this skill.
Install Mechanism
This is an instruction-only skill with no install spec and no bundled executables, so nothing new is written to disk by installation. That lowers install-time risk. However, the instructions depend on external scripts located elsewhere on disk which are not included here.
Credentials
Declared requirements list no environment variables or credentials, yet SKILL.md shows explicit use of a ZENMUX_API_KEY and a command to read ~/.openclaw/openclaw.json to pull provider API keys. Reading that file could expose API keys for multiple model providers. The skill should have declared any required env vars (e.g., ZENMUX_API_KEY) and not instruct ad-hoc reads of a global config file.
Persistence & Privilege
The skill does not request always:true and is user-invocable only; it does not claim permanent presence or automatic always-on behavior. There is no evidence it modifies other skills' configs. Autonomous invocation is enabled (platform default) but not combined here with other elevated privileges.
What to consider before installing
Before installing or enabling this skill:
1) Ask the publisher to explicitly declare required credentials (e.g., ZENMUX_API_KEY) in requires.env instead of instructing the agent to cat ~/.openclaw/openclaw.json.
2) Verify the referenced scripts (scripts/generate.py and send_to_feishu.sh) actually exist and inspect their code for network endpoints or exfiltration behavior — this skill bundle does not include them.
3) Do not allow the agent to read ~/.openclaw/openclaw.json or other global config files unless you intentionally permit access; that file likely contains API keys for multiple providers.
4) Prefer a version of the skill that either includes the generator code (so you can review it) or documents exactly which external tools it will call and why.
5) If you must use it, run it in a restricted environment or with a dedicated ZenMux API key limited in scope and billing to reduce blast radius.
Like a lobster shell, security has layers — review code before you run it.
latest vk97cf74vdwzb9p0h0ksjbcpvqn84wd0e
