Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
zhipu-image
v2.0.0智谱 GLM-Image 网页端图片生成与下载。用于:检查 image.z.ai 登录态、必要时自动打开浏览器登录、抓取浏览器 Cookie、通过网页接口生成图片并下载到本地。适用于“用智谱生图”“生成一张图并保存/发送”“检查智谱登录状态”“自动打开智谱登录页”等场景。
⭐ 0· 45·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (web login-based image generation for image.z.ai) align with the code: it captures browser cookies, probes image.z.ai endpoints, generates images, and saves files. However the SKILL.md and code disagree about session file location (SKILL.md says ~/.zhipu_image_session.json; code writes to USERPROFILE on Windows). The skill also implicitly requires a browser with remote debugging port 18800 and a Node runtime, but metadata did not declare these as required binaries/configs.
Instruction Scope
The SKILL.md explicitly instructs the agent to capture browser login state, open the login page, and save cookies; the code implements this. This scope is within the described purpose. Important caveat: capturing cookies means collecting session tokens (sensitive data). The code also includes a network monitor helper for reverse-engineering web requests; that is reasonable for maintenance but broad in that it inspects network traffic when used.
Install Mechanism
No remote downloads or extract steps are present. Dependencies are standard npm packages (chrome-remote-interface) declared in package.json / package-lock.json. There is no install spec in the skill bundle, so the risk surface is limited to included JS files and any npm install the user runs locally.
Credentials
The skill does not request environment variables or external credentials, but it programmatically captures browser cookies (sensitive session tokens) via Chrome DevTools Protocol on port 18800 and stores them plaintext in a session file in the user's home directory. Capturing and storing cookies is proportionate to a web-login approach, but it is privacy-sensitive and should be explicit to the user. Additional issues: hard-coded use of process.env.USERPROFILE (Windows) and an unconditional dependency on a browser remote debugging port are not declared in metadata.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and only stores its own session file in the user's home directory. It opens the browser (via cmd.exe/start) and may wait for user login, which are normal behaviors for a web-login helper.
What to consider before installing
This skill will capture your browser session cookies for image.z.ai (it uses Chrome DevTools Protocol on port 18800) and save them as a plaintext JSON session file in your user home directory. Those cookies can grant access to your account, so only use this on a machine you trust. Note also: the code is Windows-oriented (uses USERPROFILE and start with cmd.exe) despite no OS restriction in metadata; if you're on macOS/Linux it likely won't work without modification. There's an odd fallback require path (an absolute path to another user's workspace) in zhipu_api.js — likely leftover developer code; it won't necessarily be malicious but is a red flag you may want to inspect. Before installing: review the JS source yourself, run npm install in an isolated environment (or a VM/container), ensure you understand and are comfortable with storing cookies in ~/.zhipu_image_session.json (or USERPROFILE), and consider manually exporting cookies rather than auto-capture if you have security concerns. After use, delete the session file if you no longer want stored credentials.scripts/zhipu_api.js:118
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.Like a lobster shell, security has layers — review code before you run it.
latestvk97449cfr8m4749dnscqew63qs84fkzz
License
MIT-0
Free to use, modify, and redistribute. No attribution required.