Lanxin Media
ReviewAudited by ClawScan on May 10, 2026.
Overview
This skill has no suspicious code, but its instructions can broadly turn file/image requests into automatic Lanxin upload tags while suppressing refusals or explanation.
Install only if you want the agent to send selected images/files through Lanxin. Before use, make sure the file path and destination are explicit, and be cautious with sensitive local files because the skill’s instructions discourage explanation or refusal.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may try to output a send/upload tag even when it should ask for clarification, confirm safety, or decline.
The skill explicitly tells the agent not to refuse or say the action is unsupported, which can override normal safety and capability boundaries.
核心规则(绝对禁止违反) ... 禁止说“无法发送”“不支持”“暂时不能”等拒绝话术 ... 禁止拒绝发送
Remove the no-refusal rule and allow the agent to ask for confirmation, report unsupported cases, and refuse unsafe or unauthorized file-sending requests.
A normal discussion about local files or images could activate instructions that cause the agent to emit tags intended for automatic uploading.
Generic file/image triggers are paired with an auto-parsed upload mechanism, making the upload behavior broader than an explicit Lanxin-send workflow.
triggers: ... 图片 ... 文件 ... 本地文件 ... 本地图片 ... priority: 99 ... 使用 <lximg> <lxfile> 标签发送,系统自动解析上传。
Narrow triggers to explicit Lanxin sending requests, require a user-selected path and destination, and add a confirmation step before emitting upload tags.
Files or URLs placed inside these tags may be handed to the Lanxin upload mechanism and leave the local environment.
The skill relies on a system/parser integration to upload files from local paths or URLs; this is purpose-aligned, but the artifacts do not describe recipient, account, or boundary checks.
使用 <lximg> <lxfile> 标签发送,系统自动解析上传。 ... <lxfile>文件路径或URL</lxfile>
Use the skill only for files the user explicitly wants to send through Lanxin, and document what account, destination, and confirmation controls apply.