Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenClaw Wallpaper

v0.2.1

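OpenClaw Desktop Wallpaper - let AI live on your desktop. Supports streaming chat, an achievement system, context persistence, and stable 24/7 operation. Automatically installs Lively Wallpaper and starts with one click.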

by AI话聊室 @femnn
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The code and instructions implement a local bridge between Lively Wallpaper UI and a local OpenClaw Gateway (expected for a wallpaper chat skill). However, wallpaper-server.js contains a hard-coded gatewayToken value and ui-server.js serves files from a hard-coded absolute Windows user path (C:\Users\23622\...). The README instructs editing the file to supply a token, yet the repository already embeds one — this mismatch is unexpected and incoherent with the SKILL.md guidance.
! Instruction Scope
SKILL.md instructs running scripts (scripts/install.ps1, scripts/start.bat, scripts/install-startup.bat) to auto-install Lively and enable startup, but these script files are not present in the provided file manifest. SKILL.md also tells users to retrieve a Gateway Token and edit wallpaper-server.js, but the server file already contains a hard-coded token string. The skill reads/writes conversation history to wallpaper-data/ and writes log/status files — expected for persistence but should be called out since SKILL.md promises 'context persistence' (上下文持久化).
Install Mechanism
There is no install spec in the registry (instruction-only), which is lower risk. SKILL.md refers to automated install scripts for Lively Wallpaper, but those scripts are missing from the manifest; if the missing scripts were present and executed they could perform system installs (winget/Microsoft Store/etc). The repository itself does not fetch remote code at runtime (server communicates with localhost).
! Credentials
The skill declares no required environment variables or credentials, yet wallpaper-server.js embeds a long-looking bearer token in the source. That is a disproportionate and suspicious secret exposure: either the token is a leftover/test value, or it points to someone else's gateway and could allow the skill to act with that credential. The SKILL.md instructs users to obtain their own Gateway Token, but the presence of a hard-coded token contradicts that and is not justified.
Persistence & Privilege
The skill creates persistent files (wallpaper-data, wallpaper-status.json, wallpaper-monitor.log), spawns detached node processes, and the documentation references creating startup entries. These are consistent with a long-running wallpaper service, but they do give the skill lasting presence on the host. The monitor uses taskkill to stop node.exe processes matching a window title filter which could affect other node processes in some cases. 'always' is false, and there is no direct request to modify other skills or system-wide configs in the provided files.
What to consider before installing
This skill is plausible for a desktop wallpaper chat bridge, but there are several red flags you should address before installing or running it:
- Do not run any missing install scripts blindly. SKILL.md refers to scripts (install.ps1, start.bat, install-startup.bat) that are not in the provided file list — ask the publisher for them or inspect them carefully if they appear later.
- Inspect wallpaper-server.js and remove or replace the hard-coded gatewayToken. Treat that token as sensitive: ask the author where it came from. Do not run the server until you configure it with a token you control (or confirm the embedded token is intentionally safe).
- The UI server (ui-server.js) uses an absolute path to a specific Windows user directory. Update it to a path on your machine or serve files from the skill directory to avoid accidental access to unrelated user directories.
- Expect the skill to write conversation history and logs under the skill directory — check file locations and permissions if you care about privacy.
- The monitor uses Windows taskkill and will spawn detached node processes; if you run this on a machine with other Node apps, review the taskkill filter and restart logic to avoid unintended process termination.
If you cannot confirm the origin of the embedded token or the missing scripts, treat the skill as untrusted. Ask the publisher for: the missing scripts, clarification about the embedded gateway token, and a version of ui-server.js that uses relative paths. After those are resolved, re-evaluate and consider running the skill inside a controlled environment (VM) first.
wallpaper-monitor.js:90: Shell command execution detected (child_process).
! wallpaper-ui/LivelyProperties.json:5: Install source points to URL shortener or raw IP.
! wallpaper-server.js:515: File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.
