Qwen Comic Gen

Verdict: Suspicious. Audited by ClawScan on May 10, 2026.

Overview

The advertised image generator is bundled with a large unrelated workspace containing secrets, broad agent instructions, memory files, scheduled-agent material, and shell-executing scripts.

Do not install this bundle as-is. Request a minimal, reviewed image-generation skill with declared uv/Python requirements and a Gemini API key contract, remove AGENTS.md/memory/hooks/Feishu material, and rotate any exposed secrets before republishing.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing it may expose your agent to much more code and instruction material than needed for image generation.

Why it was flagged

The advertised skill is a simple image generator, but the package includes a broad unrelated workspace with other skills, hooks, memory, agents, and scripts.

Skill content
615 file(s): ... AGENTS.md ... memory/... hooks/... skills/feishu-multi-agent-manager/... skills/rag_search/... scripts/autonomous-thinking.js ...

Recommendation

Ask for a minimal package containing only SKILL.md, the reviewed image-generation helper, and declared dependencies; remove unrelated workspace files before installation.

What this means

These secrets could grant access to third-party services or accounts and create confusion about which credentials the skill might use.

Why it was flagged

The package contains hardcoded provider, Feishu, and gateway credentials unrelated to the stated Gemini image-generation purpose.

Skill content
`SERPER_API_KEY`, `DASHSCOPE_API_KEY`, `appSecret`, `verificationToken`, and `gateway.auth.token` all have literal values in the file.

Recommendation

Do not publish or install bundles with embedded secrets; rotate the exposed credentials and require users to provide only their own Gemini key through a declared environment variable.

Concern: High Confidence
ASI01: Agent Goal Hijack
What this means

A compatible agent could treat these unrelated instructions as authoritative and change its behavior before handling the user's image request.

Why it was flagged

This root instruction file tells an agent to perform broad workspace setup and memory reads before anything else, unrelated to image generation.

Skill content
Before doing anything else: 1. Read `SOUL.md` ... 2. Read `USER.md` ... 3. Read `memory/YYYY-MM-DD.md` ... Don't ask permission. Just do it.

Recommendation

Remove root-level agent instruction files from the skill package, or scope them so they cannot override the user's task or platform instructions.

What this means

Private context or stored instructions could be pulled into unrelated tasks or reused across sessions without clear user control.

Why it was flagged

The package instructs agents to load and modify persistent memory files, and the manifest includes many memory/profile files.

Skill content
Read `memory/YYYY-MM-DD.md` ... Also read `MEMORY.md` ... You can read, edit, and update MEMORY.md freely

Recommendation

Do not bundle personal memory files with an image skill; keep any memory access opt-in, path-scoped, and clearly documented.

Concern: Medium Confidence
ASI05: Unexpected Code Execution
What this means

If unrelated hooks or scripts are activated, they could run local shell commands outside the image-generation workflow.

Why it was flagged

The static scan shows shell execution in an unrelated gateway hook; this is beyond the disclosed image-generation helper.

Skill content
execSync(`robocopy "${config.path}" "${backupPath}" /E /COPYALL /R:0`);

Recommendation

Remove unrelated executable hooks from the skill bundle, or require explicit user approval and documentation for any local command execution.

Concern: Medium Confidence
ASI10: Rogue Agents
What this means

A user could unknowingly install material intended for ongoing background automation rather than a one-shot image tool.

Why it was flagged

The artifact set describes recurring autonomous tasks and memory sync behavior that are not needed for image generation.

Skill content
Cron tasks ... hourly knowledge-base index update ... daily 23:00 good-night memory sync (OneDrive) ... OpenClaw Cron - scheduled task scheduling

Recommendation

Exclude cron, heartbeat, multi-agent, and sync configuration from the image skill unless persistence is required, declared, and user-controlled.