ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ime_message_skill

v1.0.1

将输入法或语音输入系统已经识别出的口语文本,整理成适合即时通讯发送的自然书面语,并在用户明确指定目标语言时执行翻译。用于语音输入结束后的文本润色、消息发送前整理、口语转消息文案、聊天文本优化等场景。输入应为文本而不是音频;当用户已经有 asr 结果、想让句子更顺、更干净、更适合发送时使用本技能。默认使用 doub...

0· 186·0 current·0 all-time
byHeiMaoM@hei-maom
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
Name/description match the implementation: the skill rewrites already-recognized spoken text into sendable IM messages and uses a remote LLM for that. However, the package registry metadata lists no required env vars while the SKILL.md and scripts require IME_MODEL_API_KEY (and allow IME_MODEL_BASE_URL/IME_MODEL_NAME). This metadata omission is an inconsistency that could mislead integrators.
Instruction Scope
SKILL.md and scripts confine behavior to taking input text, optionally adding a translation instruction, calling the configured model endpoint, and returning the rewritten text. There are no instructions to read unrelated files, shell-history, or other system secrets. The skill explicitly warns not to accept audio/ASR work itself.
Install Mechanism
No install specification (instruction-only plus a small helper script) — no archives or remote installers. The only runtime dependency is the openai Python package used by scripts/rewrite_client.py, which is noted in the script.
Credentials
The script requires one API credential (IME_MODEL_API_KEY) plus optional IME_MODEL_BASE_URL/IME_MODEL_NAME/TEMPERATURE/TIMEOUT — reasonable for a remote-model integration. The registry metadata, however, does not declare any required env vars or primary credential, which is a mismatch and may cause integrators to miss that they must supply a token. The default base URL (models.audiozen.cn) is a third-party endpoint; confirm you trust it before sending user content.
Persistence & Privilege
The skill does not request permanent/always-on status, does not modify other skills or global agent config, and does not persist credentials in the package. There is no installation step that writes to system paths.
What to consider before installing
This skill is internally consistent in function — it rewrites text by calling a remote model — but it will send user-provided message text to an external service (default https://models.audiozen.cn) and requires an API token (IME_MODEL_API_KEY) even though the registry metadata doesn't declare it. Before installing: 1) Verify you trust the endpoint and the operator of models.audiozen.cn; decide whether sending potentially sensitive chat content to that service is acceptable. 2) Provide the API token via environment variables (do not hard-code it in the package). 3) Review scripts/rewrite_client.py (it will include the full raw model response if run with --json and returns response.model_dump() in JSON) to ensure no unexpected logging or storage. 4) If privacy is a concern, consider running a locally hosted/enterprise model or an allowed endpoint, and set IME_MODEL_BASE_URL accordingly. 5) Note the metadata mismatch (required env var not declared) — make sure deployment automation sets IME_MODEL_API_KEY or the skill will fail.

Like a lobster shell, security has layers — review code before you run it.

latestvk978x7a5khpef3rmxx55wdycsd82xk9j

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments