Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

rembg: remove-image-background

v0.0.1

Uses the rembg AI model to remove image backgrounds and produce PNG images with a transparent background. On first use, run setup/install.py to initialize the environment.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description align with behavior: scripts create a local virtualenv (~/.venv/rembg), install rembg and dependencies, download models (~176MB to ~/.u2net/) and provide CLI and Python wrappers to remove image backgrounds. No unrelated credentials or external services are requested.
Instruction Scope
Runtime instructions and included scripts read/write user shell config (e.g. ~/.zshrc or ~/.bashrc), create a virtualenv under the user's home, and download packages/models from the network. The Python wrapper code embeds user-supplied file paths directly into Python -c code inside single quotes (e.g. Image.open('{input_file}')), which can be broken by filenames containing quotes or crafted input to inject Python code — this is an input-sanitization / command-injection risk.
Install Mechanism
There is no centralized install spec; instead an included setup/install.py creates a venv and runs pip install -r requirements.txt (rembg[cpu,cli]==2.0.72 and socksio). This will pull from PyPI and rembg will download model files (GitHub releases) at runtime. That is expected for this tool but entails executing third-party code and network downloads.
Credentials
The skill requests no credentials or env vars. However, it modifies user shell configuration (appending the virtualenv bin directory to PATH, or setting the Windows user PATH) and writes into the user's home directory (~/.venv/rembg, ~/.u2net, and output dirs). These are proportionate to providing a CLI, but they are persistent and affect the user's environment.
Persistence & Privilege
always:false and the skill is not force-enabled, but install writes persistent artifacts (virtualenv, models, and shell config edits) into the user's account. That is expected for local CLI tools but worth noting because it changes user environment and will persist until reversed.
What to consider before installing
This skill appears to do what it claims (local background removal) but has several things to consider before installing:
- It will create a virtual environment in your home (~/.venv/rembg), modify your shell startup file to add that venv to PATH, and install packages from PyPI. If you prefer not to have persistent changes, run the install steps manually inside an environment you control.
- The rembg package will download model files (~176MB) from the network (GitHub releases) on first use. Expect network activity and disk usage.
- The scripts embed input file paths inside Python -c code using single-quoted strings. Filenames containing quotes or specially crafted names could break those strings and allow execution of arbitrary Python code. Avoid running these scripts on untrusted inputs, inspect and/or sanitize filenames, or adapt the scripts to pass filenames safely (e.g., via command-line args parsed with argparse, or by using subprocess with a safe argument list inside the spawned Python process).
- If you are cautious: review setup/install.py and requirements.txt, consider creating and activating your own venv and running pip install there, or run the scripts in an isolated container or VM first. If you proceed, inspect any edits to ~/.zshrc / ~/.bashrc and remove them if undesired.
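To make the third point concrete, here is an added example (not the skill's own code) that contrasts the flagged pattern, where the file path is spliced into the program text handed to python -c, with an argv-based wrapper of the kind the report recommends. The rembg call is simplified, and the function names, the SAFE_PROGRAM text and the sample filename are this example's own; only run_removal needs rembg and Pillow installed.

```python
import ast
import subprocess
import sys
from typing import List

# Reconstructed shape of the flagged pattern: the path becomes part of the
# Python source, so the parser sees it as code, not as data.
def unsafe_program(input_file: str, output_file: str) -> str:
    return (
        "from PIL import Image\n"
        "from rembg import remove\n"
        f"remove(Image.open('{input_file}')).save('{output_file}')\n"
    )

# Hardened form: the program text is a constant; the paths travel as separate
# argv entries and are read back with sys.argv inside the child process.
SAFE_PROGRAM = (
    "import sys\n"
    "from PIL import Image\n"
    "from rembg import remove\n"
    "remove(Image.open(sys.argv[1])).save(sys.argv[2])\n"
)

def safe_command(input_file: str, output_file: str,
                 python: str = sys.executable) -> List[str]:
    # A list argv never passes through a shell, and the filenames sit after
    # the program text, so quotes or spaces in a name cannot alter the program.
    return [python, "-c", SAFE_PROGRAM, input_file, output_file]

def path_is_plain_data(source: str, path: str) -> bool:
    """True if `source` still parses and `path` survives as one whole string
    literal, i.e. the filename did not change the program's structure."""
    try:
        tree = ast.parse(source)
    except SyntaxError:          # an apostrophe in the name breaks the quoting
        return False
    literals = [n.value for n in ast.walk(tree)
                if isinstance(n, ast.Constant) and isinstance(n.value, str)]
    return path in literals

def run_removal(input_file: str, output_file: str) -> int:
    # Runs the hardened wrapper in a venv where rembg and Pillow are installed.
    return subprocess.run(safe_command(input_file, output_file)).returncode

if __name__ == "__main__":
    name = "O'Brien photo.jpg"   # constructed filename containing an apostrophe
    print(path_is_plain_data(unsafe_program(name, "out.png"), name))   # False
    print(safe_command(name, "out.png")[3] == name)                    # True
```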



