ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Relive

v0.1.0

AI digital twin cloning skill. Re:live — chat again with someone you love. Input chat logs, images, audio, and other materials to replicate a person's person...

1· 147·1 current·1 all-time
by@joonaskahnwald
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
Functionality in code (LLM generation, CosyVoice voice cloning, and a video-generation API client) aligns with the skill description (digital twin cloning). Asking the user to provide chat logs, reference audio, and an optional image is coherent. However, the skill's registry metadata declares no required environment variables while the code and README reference external credentials (OPENAI_API_KEY, ARK_API_KEY and model downloads that may need tokens). This mismatch (declared none vs. code expecting keys) is unexpected and should be justified.
!
Instruction Scope
SKILL.md instructs the agent to read and write files under the skill storage (expected) but also to add entries into the workspace root USER.md so the main agent will route relive commands — that modifies a workspace-global file. The runtime flow persists conversation logs and profile.md under storage/default_* (sensitive personal data). The instructions also direct cloning third‑party code (CosyVoice) and bulk model downloads. Reading/writing workspace-level USER.md and persistent storage is broader scope than a simple ephemeral helper and increases risk of accidental leakage or undesired workspace modification.
Install Mechanism
No formal install spec in registry (instruction-only), but README and SKILL.md instruct manual setup: create a Python venv, pip install -r requirements.txt, git clone CosyVoice from GitHub, and use snapshot_download to fetch large models from HuggingFace/Modelscope. These are standard hosts (GitHub, HuggingFace, Modelscope) but involve downloading and executing sizable third-party code and models onto disk — moderate risk and should be done in an isolated environment. No obscure or shortener URLs were used.
!
Credentials
Registry requirements list no env vars, yet code and docs reference and will use OPENAI_API_KEY (LLMEngine), ARK_API_KEY or video_generation.api_key (VideoGenEngine), and model hosting credentials/clients (huggingface_hub or modelscope). The agent will send content to external services (OpenAI, Volcengine/Ark, HuggingFace/Modelscope) when those keys are present. Sensitive personal data (chat logs, reference audio, transcripts) will be processed and could be transmitted to these external services if configured — the absence of declared required env vars is a proportionality and transparency issue.
!
Persistence & Privilege
The skill persists chat logs, profiles, voice profiles and generated artifacts under storage/{user_id}_{target_id}/ inside the skill directory (expected). However it also requires the user to add entries to USER.md in the workspace root and the main Agent will read that to route commands, meaning the skill asks to modify a workspace-global file. The skill is not 'always:true', but the ability to alter USER.md and store persistent personal data increases its effective privilege and persistence in the workspace.
What to consider before installing
This package implements a plausible 'digital twin' workflow, but there are several things to check before installing or using it: - Credentials and external services: The code will call external APIs if keys are present (OpenAI via OPENAI_API_KEY, Volcengine/Ark via ARK_API_KEY, and it will download models from HuggingFace/Modelscope). The skill metadata does not declare these env vars — verify and only supply keys you trust and intend to use. - Data privacy: You will be asked to upload chat logs, reference audio, and transcripts (highly sensitive personal data). These files are persisted under the skill's storage directory and may be sent to external services if API keys are configured. Don’t provide private data unless you accept that it may be stored locally and potentially transmitted. - Workspace modification: The runtime expects you to add characters to USER.md in the workspace root. That modifies a global file used by the agent; if you want to avoid this, consider keeping copies or isolating the skill in a sandboxed workspace. - Third‑party code and large models: The README asks you to git clone CosyVoice and download large models (HuggingFace/Modelscope). Run these steps only in an isolated virtual environment or sandbox machine and inspect the cloned code before executing. - Run safely: Use a dedicated virtualenv and, if possible, an isolated VM/container; review requirements.txt before pip installing; avoid adding API keys unless necessary; and test with non-sensitive dummy data first. If you need more assurance, ask the skill author for an explicit list of required env vars and a justification for USER.md modifications.

Like a lobster shell, security has layers — review code before you run it.

latestvk9779g28dg6b8e0ktdz4x739r1831fxk

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments