v1.0.3

GLM-V-Caption

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 7:35 AM.

Analysis

This skill looks purpose-aligned, but it runs a local captioning script and sends selected media to Zhipu using your API key.

Guidance: Before installing, be comfortable with running the included Python helper, providing a ZHIPU_API_KEY, and sending selected media or media URLs to Zhipu. Use a dedicated API key, monitor usage, and avoid confidential files unless that external processing is acceptable.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agent Goal Hijack
Severity: Low | Confidence: High | Status: Note
SKILL.md
ONLY use GLM-V API — Execute the script `python scripts/glmv_caption.py`; NEVER caption media yourself; IF API fails — Display the error message and STOP immediately; NO fallback methods

These instructions force an API-only workflow and change fallback behavior. This is disclosed and purpose-aligned, but it meaningfully constrains how the agent may respond.

User impact: If the Zhipu API is unavailable or unsuitable, the agent may stop instead of offering another way to caption the media.
Recommendation: Install this skill when you specifically want Zhipu GLM-V captioning; disable it or avoid invoking it if you want local, built-in, or fallback captioning.

Unexpected Code Execution
Severity: Info | Confidence: High | Status: Note
SKILL.md
Execute the script `python scripts/glmv_caption.py`

Using the skill involves running the included local Python script. This is central to the skill's design and is not hidden.

User impact: The agent will execute local helper code to prepare media and call the Zhipu API.
Recommendation: Use the skill only from a source you trust and keep the included script under normal review before providing credentials or private media.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
scripts/glmv_caption.py
api_key = os.environ.get("ZHIPU_API_KEY") ... "Authorization": f"Bearer {api_key}"

The script authenticates requests to Zhipu with the user's API key, which is expected for this integration but gives the skill account-level API access for caption requests.

User impact: Requests may consume quota or incur costs on the configured Zhipu account.
Recommendation: Use a dedicated, revocable API key if possible, store it securely, and monitor usage on the Zhipu account.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
scripts/glmv_caption.py
with open(path, "rb") as f: img_data = base64.b64encode(f.read()).decode() ... API_BASE_URL = "https://open.bigmodel.cn/api/paas/v4/chat/completions" ... requests.post(API_BASE_URL, headers=headers, json=payload

Local images can be read, encoded, and sent to Zhipu's external API for captioning. This data flow is expected and disclosed, but it is sensitive-data movement outside the local environment.

User impact: Images, prompts, and media URLs submitted for captioning may be processed by Zhipu.
Recommendation: Avoid submitting confidential or regulated media unless Zhipu's terms, retention, and privacy practices are acceptable for that data.