GLM-V-Doc-Based-Writing

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-aligned: it uses a Zhipu API key to send user-provided documents to GLM-V for Markdown writing, so users should only use it with documents they are comfortable sharing with that provider.

Before installing, confirm you are comfortable giving the skill a Zhipu API key and sending the selected documents or document URLs to Zhipu GLM-V. Avoid using confidential documents unless your organization permits that provider processing.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI03: Identity and Privilege Abuse
Low
What this means

The API key may allow use of the user’s Zhipu account and billing quota.

Why it was flagged

The skill requires a Zhipu API key to authenticate to the external model provider. This is expected for the stated purpose and is not shown being logged or misused.

Skill content
requires:
  env:
    - ZHIPU_API_KEY
primaryEnv: ZHIPU_API_KEY
Recommendation

Configure the key only for users or environments that should access Zhipu, avoid sharing it in chats or files, and rotate it if exposed.

ASI07: Insecure Inter-Agent Communication
Medium
What this means

Private or sensitive document contents may be processed by the external Zhipu service.

Why it was flagged

The script sends the constructed payload, including document URLs or converted local PDF page images plus the writing requirements, to Zhipu’s chat-completions API.

Skill content
API_BASE_URL = "https://open.bigmodel.cn/api/paas/v4/chat/completions" ... requests.post(API_BASE_URL, headers=headers, json=payload, timeout=180)
Recommendation

Use this skill only with documents you are allowed to send to Zhipu, and review the provider’s data handling terms for confidential material.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

Installing dependencies adds normal package-supply-chain exposure on the user’s machine.

Why it was flagged

Local PDF handling depends on a user-installed Python package rather than an install spec. The setup step is disclosed and purpose-aligned, but it is still a dependency users should install from a trusted environment.

Skill content
`PyMuPDF` is required (`pip install PyMuPDF`).
Recommendation

Install PyMuPDF from a trusted package index in a clean Python environment, and avoid running the script with elevated privileges.