GLM-V-Prompt-Gen

Pass. Audited by ClawScan on May 1, 2026.

Overview

This skill is a coherent prompt-generation helper that uses a Zhipu API key and sends user-provided images or video URLs to the Zhipu vision API.

Before installing, make sure you are comfortable providing a Zhipu API key and sending selected images or video URLs to Zhipu for analysis. The provided artifacts do not show hidden persistence, unrelated data access, or credential exfiltration.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The skill needs access to your Zhipu API key and can make API requests billed or governed by that account.

Why it was flagged

The script uses the configured ZHIPU_API_KEY as a bearer token to authenticate to the Zhipu API, which is expected for this integration but is still sensitive credential use.

Skill content

"Authorization": f"Bearer {api_key}"

Recommendation

Use a revocable API key, monitor usage, and only install if you trust this skill to call the Zhipu API for prompt generation.

What this means

Images you choose to analyze, and video URLs you provide, may be sent to Zhipu’s service for processing.

Why it was flagged

The script sends prompt-generation requests, including user-provided image data or video URLs, to an external Zhipu API endpoint.

Skill content

API_BASE_URL = "https://open.bigmodel.cn/api/paas/v4/chat/completions"

Recommendation

Avoid sending private or sensitive visual content unless you are comfortable with Zhipu processing it under its API terms.