九马免费图片编辑

The skill's code, instructions, and resource usage are consistent with an image-editing client for the jiuma.ai API — nothing indicates deliberate misdirection, but it will upload any supplied local images and stores an API key in plaintext on disk, so treat it like any third‑party image-upload service.

This skill appears to do what it says: it sends images and edit prompts to api.jiuma.com and saves a Jiuma API key locally. Before installing or using it: (1) do not pass any sensitive files you don't want uploaded — the tool will read local file paths and upload file contents to a third-party service; (2) be aware the API key is saved as plaintext under your OpenClaw workspace (~/.openclaw/workspace/.jiuma/jiuma_api_key) and other local tools may read it; (3) ensure the Python 'requests' library is installed in the runtime environment; (4) if you need stronger secrecy, consider running the skill in an isolated environment or avoid logging into the service from machines that hold sensitive data. If you want, I can point out the exact lines that perform file reads/uploads and where the API key is stored.