Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Lora Pipeline

v1.0.0

Manages end-to-end LoRA training: collects and verifies photos, scrapes datasets, applies quality checks, captions, and trains the LoRA model locally.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The skill's description (end-to-end LoRA pipeline) matches the instructions and included scripts. However the registry metadata declares no required binaries or env vars while the SKILL.md explicitly depends on runpodctl, ssh/scp, unzip, Python + many Python packages (deepface, opencv, onnxruntime, pandas, PIL), and local ONNX/WD14 tagger models. That mismatch (no declared dependencies vs. heavy toolchain required) is incoherent and will cause failures or implicit network activity to fetch models/tools.
! Instruction Scope
Runtime instructions include web scraping (browser JS snippets and instructions to bypass SNS login via mirrors), extensive filesystem operations, spawning sub-agents, scp/ssh upload to remote RunPod pods, and automated remote training. The SKILL.md's 'NO DATA INSPECTION/NO CLOUD UPLOAD' guidance is contradictory in places (e.g., it forbids sending images to cloud APIs for verification but instructs uploading datasets to remote pods for training). The agent is instructed to perform network transfers (scp/ssh) and spawn long-running sub-agents which are beyond simple local helper behavior — these are appropriate for training but require clear declared permissions and user consent.
Install Mechanism
There is no install spec (instruction-only), which lowers install risk. But included scripts assume many preinstalled binaries and libraries (accelerate path '/venv/bin/accelerate', runpodctl, system Python packages) and expect model files to exist locally. No mechanism is provided to install or verify those dependencies; this is an operational risk (failures or implicit downloads at runtime).
! Credentials
The skill requests no declared environment variables or credentials, yet the workflow requires access to the user's SSH key, runpodctl configuration, and possibly local model directories (e.g., tag_batch.py hardcodes '/Users/mini/.openclaw/...'). Hardcoded absolute paths and implicit reliance on SSH keys / known_hosts files are disproportionate to a clean, portable skill design and risk accidental use of personal files or keys. The skill also requires RunPod credits / account access (implied) but doesn't declare or request credentials explicitly.
Persistence & Privilege
The skill is not force-installed (always:false) and follows the normal model-invocation defaults. It uses sub-agents and sessions_spawn as part of its design; this autonomous behavior is expected for long-running training tasks. Nothing in the package attempts to modify other skills or grant itself permanent system-wide privileges.
What to consider before installing
This skill implements a full LoRA training pipeline but is sloppy: it doesn't declare the system tools and Python libs it needs, contains hardcoded paths (e.g., /Users/mini/...), and assumes you have runpodctl/SSH keys and local model files. Before installing or running:
1) Do not run it blindly; inspect and fix absolute paths in tag_batch.py and other scripts.
2) Ensure you understand and consent to uploading datasets to remote RunPod pods and that you control the SSH keys used.
3) Verify required Python packages and ONNX/WD14 models are installed in known locations, or change the scripts to configurable paths.
4) Confirm you have permission to scrape and use the images (privacy and legal risk).
5) If you expect a small/local-only helper, this skill is overprivileged; if you intend cloud training, validate runpodctl configuration and review the SCP/SSH commands carefully.
If you want, provide the missing dependency list and replace hardcoded paths and I'll re-evaluate.
