Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Xuanfei (Consort Selection) - Scheduled Pictures of Beautiful Women - Organizing Pictures of Beautiful Women

v1.1.1

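Daily AI Girl consort selection - randomly picks 3 AI girl images from a specified directory (the directory must contain images), lets the user choose a favorite, automatically saves it as the new avatar, and records the preference. Use cases: (1) running the selection task every morning, (2) when the AI assistant's appearance needs updating, (3) when images need to be randomly selected for display or testing.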

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)

! Purpose & Capability
SKILL.md metadata declares python3 as a required binary but none of the provided scripts use Python; all scripts are Bash. The skill claims configurable directories (e.g., ~/.openclaw/workspace) but the scripts hard-code absolute paths under /Users/qifengxiang and /Volumes/info/sex/picture/AI girls, tying the skill to a specific user's filesystem rather than the generic paths described.
! Instruction Scope
Runtime scripts read from /Volumes/info/sex/picture/AI girls, copy files into a user workspace, generate and open an HTML preview, update an avatar file, and overwrite a preferences file — none of these target paths are declared in metadata or exposed as configurable env vars. process-selection.sh maps selections to hard-coded filenames (20250725_002805.jpg, etc.) which contradicts the random-selection behavior and could fail or behave unexpectedly if source contents differ.
Install Mechanism
This is an instruction-only skill with included shell scripts and no install spec or remote downloads. There is no network-based installation or archive extraction, so installation risk is low from a supply-chain perspective.
! Credentials
Requires no credentials or env vars, but the scripts access and modify local filesystem paths in another user's home and a mounted volume. The metadata does not declare these config paths, so the skill asks for implicit filesystem access beyond what's documented. The declared python3 requirement is disproportionate and unexplained.
Persistence & Privilege
The skill writes/overwrites local files (avatar image and a preferences file) under a user's workspace and opens a browser tab. It does not request always:true nor modify other skills. Writing to the local workspace and preferences is expected for this skill, but the use of hard-coded absolute paths increases risk and reduces portability.
What to consider before installing
Do not install or run this skill without review and edits. Specific suggestions:
- Inspect and edit the scripts before use: remove hard-coded absolute paths (/Users/qifengxiang, /Volumes/...), replace them with configurable variables (preferably $HOME or env vars the installer can set).
- Remove the unnecessary python3 requirement from metadata (it's misleading) or actually use Python if intended.
- Fix process-selection.sh so it determines chosen filenames dynamically instead of mapping to hard-coded names (current mapping contradicts the random-selection scripts and may point to stale test data).
- Confirm the source directory (/Volumes/...) does not contain sensitive/private images; the skill will read and copy those files and open them in a browser.
- If you want to proceed, run the scripts in a sandbox or non-production account first, and change preview/avatar/prefs paths to a directory you control. Prefer adding explicit environment variables or configuration options so the skill doesn't assume another user's home directory.

Runtime requirements

Bins: python3
