Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Batch image processing tool
v1.0.0 · Based on the imutils library; implements batch rotation, scaling, translation and skeletonization of images, plus listing of image files, to support image processing across multiple scenarios.
⭐ 0 · 235 · 0 current · 0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to be a PyImageSearch/imutils-based tool, but the repository contains Node.js wrapper scripts that call an external CLI named 'cli-anything-imutils'. No Python CLI implementation or installer is bundled. Documentation asks the user to pip install a local path (E:\AI-Tools\...) which is a developer-specific path and not a public install source. CLI names are inconsistent across files and docs (e.g., SKILL.md examples use '/rotate-image' while package.json exposes 'imutils-rotate' and scripts call 'cli-anything-imutils rotate-cmd'). These inconsistencies are unexpected for a clean skill and reduce confidence that the requested pieces align with the described purpose.
Instruction Scope
SKILL.md instructs the agent to run batch PowerShell loops that list and call command-line tools to operate on files — this is within the stated purpose of batch processing images. However, the doc also instructs installing a local developer path (pip install -e . from a Windows path) and uses ambiguous command names (leading slash '/rotate-image') that don't match the actual script/command names. The PowerShell examples enumerate arbitrary files in the working directory; while expected for batch tasks, they mean the skill will access file system contents broadly when invoked.
Install Mechanism
There is no install spec provided. The SKILL.md asks users to pip install a CLI from a local, developer-specific path rather than a public package or repository. The skill's code relies on an external CLI ('cli-anything-imutils') that is not included here. That combination (no packaged installer + dependency on an out-of-repo CLI + developer local path) is incoherent and increases risk because it's unclear what exactly will be installed or executed on the host.
Credentials
The skill does not request environment variables or credentials (good). However, the Node scripts build shell commands using user-provided file paths and pass them to child_process.execSync as a single shell command string. Paths are quoted but not otherwise sanitized; this creates a command injection risk if a malicious or malformed filename/argument is provided. No network endpoints or secrets are requested, so there is no explicit credential exfiltration, but the use of unsanitized shell execution broadens the attack surface.
Persistence & Privilege
The skill does not request persistent privileges (always: false). It does not modify other skills or system-wide settings. Autonomy (disable-model-invocation false) is normal and not by itself a concern, and the skill does not request 'always: true'.
What to consider before installing
This skill appears to implement batch image operations but has several red flags: documentation points to a developer-local pip path instead of a public installer; CLI names are inconsistent across docs and code; and the Node scripts call shell commands via execSync using user-supplied paths (risk of command injection). Before installing or running:
1) Ask the author for the canonical install instructions and the public source (GitHub URL) for the 'cli-anything-imutils' CLI.
2) Verify the external CLI's code and provenance; do not pip install from unknown local paths.
3) Inspect and, if possible, run the scripts in a sandboxed environment with non-sensitive test images.
4) Consider patching the Node scripts to use child_process.spawn/execFile with argument arrays or to properly sanitize/validate filenames to eliminate shell injection risk.
5) Confirm which exact command names are expected (e.g., '/rotate-image' vs 'imutils-rotate' vs 'cli-anything-imutils rotate-cmd') and that they map to trusted binaries.
If you cannot validate the external CLI source or the author-provided install steps, treat this skill as untrusted and avoid running it on systems with sensitive files.
scripts/resize.js:52
Shell command execution detected (child_process).
scripts/rotate.js:43
Shell command execution detected (child_process).
scripts/skeleton.js:39
Shell command execution detected (child_process).
scripts/translate.js:42
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
Like a lobster shell, security has layers — review code before you run it.
Tags: batch, image-processing, imutils, latest, opencv, photo
