Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Kaipai

v1.0.0

Video file → videoscreenclear or hdvideoallinone + spawn-run-task and sessions_spawn (main session). Image → eraser_watermark or image_restoration + blocking...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill is an image/video processing wrapper around a commercial Kaipai API (watermark removal, restoration). The code, SKILL.md, and skill.json all require MT_AK/MT_SK (access key/secret) and implement upload/download/delivery helpers (Feishu, Telegram). That matches the declared purpose. However the top-level 'Requirements' summary provided with the skill (Registry metadata) lists no required env vars — this contradicts skill.json and SKILL.md which both declare MT_AK/MT_SK as required. This mismatch is unexpected and should be resolved before trusting automatic installation.
Instruction Scope
SKILL.md restricts network activity to the Kaipai flow (run-task / sessions_spawn) and instructs agents to use the included CLI. The runtime scripts do what SKILL.md describes: they download user-provided input URLs, call the WAPI (webapi-action-skill.meitu.com) and the Kaipai flow, and optionally deliver results via Feishu/Telegram. The skill also reads ~/.openclaw/openclaw.json for channel credentials and writes state under ~/.openclaw/workspace and ~/.cache/kaipai. Those file reads/writes are within the skill's delivery pipeline but are broader than a purely stateless processor, so users should be aware the skill will access local OpenClaw channel credentials and persist job state.
Install Mechanism
There is no install spec (instruction-only at the registry level), but the bundle contains Python scripts and a requirements.txt (requests, alibabacloud-oss-v2, pytest). No remote downloads or URL-based installers are used. Installing dependencies via pip is required for full functionality; that is a normal but nontrivial step. Because code files are included, the skill will be executed on the host when invoked (not just remote API calls).
Credentials
The skill actually requires MT_AK and MT_SK (Kaipai access/secret) and also expects delivery credentials: TELEGRAM_BOT_TOKEN (env) or Feishu appId/appSecret in ~/.openclaw/openclaw.json. The registry header incorrectly said 'Required env vars: none' — this is an important inconsistency. The skill reads .env files (scripts/.env or cwd/.env) and may populate environment variables, and it persists cached gid and job history in the user's home directory. Requiring Kaipai AK/SK is reasonable for a paid API, but you must not provide unrelated credentials; verify you trust the WAPI host (webapi-action-skill.meitu.com) before supplying keys.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It persists state and caches under ~/.openclaw/workspace/openclaw-kaipai-ai and ~/.cache/kaipai/gid*.json and reads ~/.openclaw/openclaw.json for channel credentials. This is normal for a delivery-capable skill but does mean it will create files under the user's home directory and read host channel configuration.
What to consider before installing
Before installing: 1) Resolve the metadata mismatch — the registry summary says no env vars but the skill and SKILL.md require MT_AK and MT_SK. Do not provide AK/SK unless you trust the Kaipai/WAPI host (webapi-action-skill.meitu.com). 2) Expect the skill to read/write local OpenClaw files (~/.openclaw/openclaw.json, ~/.openclaw/workspace/, ~/.cache/kaipai/) and to read .env files in the skill directory or CWD — remove sensitive entries you don't want the skill to see. 3) If you plan to use Telegram/Feishu delivery, provide TELEGRAM_BOT_TOKEN (env) or configure Feishu credentials in ~/.openclaw/openclaw.json; verify those are the only channels the skill will access. 4) Review the included scripts (kaipai_ai.py, client.py, ai/api.py, sign_sdk) yourself or run the skill in an isolated/test account before giving production credentials. 5) If you cannot verify the WAPI endpoint or the origin of the package, treat the AK/SK as sensitive and avoid installing or run in a sandboxed environment. If you want me to, I can list the exact files and code locations that read each credential and where files are written so you can audit them more easily.

Like a lobster shell, security has layers — review code before you run it.


Runtime requirements

Clawdis
Bins: python3
