qqbot-image-helper
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only skill is coherent for analyzing QQBot-downloaded images, but it works by copying selected local images from a restricted folder into an image-readable media folder.
Before installing, be aware that this skill helps the agent copy local QQBot images from a restricted download folder into ~/.openclaw/media for analysis. That is consistent with its stated purpose, but only use it for images you intend to analyze, avoid copying whole directories, and clean up copied files afterward if they are private.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A private local image from QQBot or another restricted folder could be copied into the media folder and then analyzed by the image tool if the agent uses this skill.
The skill instructs the agent to use local file copy commands to move images from a directory the image tool cannot directly access into an allowed media directory. This is disclosed and purpose-aligned, but users should notice that it works around an access boundary.
将受限目录的图片复制到 `~/.openclaw/media/` 目录(已验证可被 image 工具访问)。
Use only for specific images the user supplied or explicitly asked to analyze; avoid broad paths or wildcards, and confirm the source path before copying.
Copied images may remain available in the media directory for later sessions or future tool use unless removed.
The skill acknowledges that copied files may accumulate in the media directory, meaning images can persist after the immediate analysis task.
media 目录会累积临时文件,建议定期清理
Periodically delete copied images that are no longer needed, especially if they may contain private or sensitive content.