My Generate Qr Code
PassAudited by ClawScan on May 10, 2026.
Overview
This skill appears to be a straightforward QR-code generator with disclosed local file output, though it may write to user-chosen paths and attempts runtime package installation.
This skill looks safe for generating QR-code images. Before using it, choose the save path deliberately and consider installing qrcode and pillow yourself in a virtual environment so the skill does not need to modify your Python setup.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The generated QR image will be saved locally, potentially wherever the user or agent specifies.
The skill can create directories and save an image to the requested path. This is central to its purpose and disclosed, but users should avoid protected or sensitive paths and be aware of possible overwrites.
if not os.path.exists(save_dir):
os.makedirs(save_dir)
# 保存图片
img.save(save_path)Use an explicit, safe output path such as a Desktop or project folder, and avoid saving over important files.
If the dependency installation path is used, it may change the local Python environment and download packages.
The code includes automatic installation of unpinned Python packages. This matches the documented dependency need, but it is not represented as a formal install spec and can fetch code from the package ecosystem.
required_packages = ["qrcode", "pillow"] ... subprocess.check_call([sys.executable, "-m", "pip", "install", package])
Prefer installing dependencies in a virtual environment from trusted package sources; maintainers should pin versions and declare dependencies in an install spec.