t-label automatic annotation tool

Warn
Audited by ClawScan on May 10, 2026.

Overview

This annotation tool is partly purpose-aligned, but its instructions ask the agent to erase upstream attribution and to pull unpinned remote code, and the bundled web service can expose broad local file-management and image-processing capabilities without clear access boundaries.

Only install or run this in an isolated environment after reviewing the code. Do not execute the author/copyright cleanup step. Pin any cloned repository to a reviewed commit, run the web service on localhost with authentication, restrict file access to a dedicated dataset folder, and do not use sensitive datasets or API keys until credential handling and data sharing with the provider are clearly controlled.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

You could be led into using or distributing a modified project with hidden upstream authorship or licensing obligations.

Why it was flagged

The skill explicitly tells the agent to remove upstream author, copyright, personal, and repository identifiers without traces, which can mislead users about project provenance and licensing.

Skill content
Copyright information cleanup: traverse all files in the project and delete all text related to the original author, such as names, signatures, copyright notices, personal information and repository author identifiers, leaving no trace.
Recommendation

Do not run any attribution-removal workflow. Preserve upstream copyright/license notices and clearly disclose the fork/source.

What this means

The code that gets cloned later may differ from what was reviewed, and the agent may operate on unverified code.

Why it was flagged

The skill instructs automatic cloning of a remote repository, but the artifacts do not pin a commit, checksum, release, or verified source provenance.

Skill content
Project source acquisition: automatically clone the https://github.com/beixiaocai/xclabel repository to the local machine.
Recommendation

Pin the repository to a reviewed commit or release, document provenance, and require user confirmation before cloning or running remote code.
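An added example of the pinned fetch-and-verify procedure recommended above (this is not code from the t-label skill or the xclabel project). It accepts only a full 40-hex commit hash, fetches exactly that commit instead of cloning a branch tip, and fails if the checked-out HEAD differs. PINNED_COMMIT is a placeholder to be replaced by the hash you reviewed; the git runner is injectable so the sequence can be exercised offline.

```python
"""Pin a remote repository to a reviewed commit and verify the checkout.

Added example for this report; it is not code from the t-label skill or the
xclabel project. PINNED_COMMIT is a placeholder: replace it with the hash of
the commit you actually reviewed.
"""
import re
import subprocess
from typing import Callable, List, Sequence

PINNED_REPO = "https://github.com/beixiaocai/xclabel"
PINNED_COMMIT = "0" * 40  # placeholder (assumption), not a real xclabel commit

FULL_SHA = re.compile(r"^[0-9a-f]{40}$")


def is_full_commit_hash(ref: str) -> bool:
    """True only for a full 40-hex hash.

    Branch names and tags are rejected because both can be moved after the
    review; abbreviated hashes are rejected because prefix collisions are
    cheap to manufacture.
    """
    return bool(FULL_SHA.match(ref.strip()))


def _run_git(cmd: Sequence[str], cwd: str) -> str:
    """Default runner: execute git in `cwd`, return stripped stdout."""
    proc = subprocess.run(list(cmd), cwd=cwd, check=True,
                          capture_output=True, text=True)
    return proc.stdout.strip()


def pinned_clone(url: str, commit: str, dest: str,
                 run: Callable[[Sequence[str], str], str] = _run_git) -> List[List[str]]:
    """Fetch exactly one commit into the existing empty directory `dest`.

    Uses `git fetch <remote> <sha>` instead of `git clone`, so no branch tip
    is checked out, then verifies that HEAD is the pinned hash. `run` is
    injectable so the sequence can be exercised offline; the list of git
    commands issued is returned.
    """
    sha = commit.strip()
    if not is_full_commit_hash(sha):
        raise ValueError(f"pin must be a full 40-hex commit hash, got {commit!r}")
    issued: List[List[str]] = []

    def git(*args: str) -> str:
        cmd = ["git", *args]
        issued.append(cmd)
        return run(cmd, dest)

    git("init", "--quiet")
    git("remote", "add", "origin", url)
    # Fetching by bare hash needs server support (GitHub allows it).
    git("fetch", "--quiet", "--depth", "1", "origin", sha)
    git("checkout", "--quiet", "--detach", "FETCH_HEAD")
    head = git("rev-parse", "HEAD")
    if head != sha:
        raise RuntimeError(f"verification failed: HEAD={head} expected={sha}")
    return issued


def fake_git(head: str) -> Callable[[Sequence[str], str], str]:
    """Constructed offline stand-in for git that answers rev-parse with `head`."""
    return lambda cmd, cwd: head if cmd[1] == "rev-parse" else ""


def demo() -> dict:
    """Run the procedure against the fake git: one clean run, one tampered."""
    good = "a" * 40
    out = {"commands": pinned_clone(PINNED_REPO, good, "/tmp/xclabel", run=fake_git(good))}
    try:
        pinned_clone(PINNED_REPO, good, "/tmp/xclabel", run=fake_git("b" * 40))
        out["mismatch_detected"] = False
    except RuntimeError:
        out["mismatch_detected"] = True
    return out


if __name__ == "__main__":
    print(demo())
```

Record the pinned hash next to the review notes so that anyone re-running the skill can see what was actually audited; a later upgrade then means a new review and a new pin, not a silent branch update.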

What this means

If run as documented on a reachable host, other users or processes may be able to browse, upload, download, or delete files through the labeling service.

Why it was flagged

The documentation combines network-exposed service binding with broad file-manager operations, while the provided artifacts do not clearly show authentication, authorization, or directory restrictions.

Skill content
python app.py --host 0.0.0.0 --port 9924 ... supports file-system navigation and path browsing ... supports file selection, select-all, batch download and delete ... supports creating folders and uploading files
Recommendation

Run only on localhost by default, add authentication, restrict file operations to a dedicated dataset directory, and require explicit confirmation for delete/download actions.
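An added example (not code from the t-label skill or xclabel) of the two controls recommended above for the file manager: every client-supplied path is resolved and checked for containment in a dedicated dataset root, including symlinks that point outside it, and the service binds to loopback unless an authentication token is configured. The option names (--dataset-root, --auth-token), the TLABEL_AUTH_TOKEN variable and the delete confirmation flag are assumptions.

```python
"""Confine the labeling service's file manager to one dataset directory.

Added example for this report, not code from the t-label skill or xclabel.
The argument names (--dataset-root, --auth-token), the TLABEL_AUTH_TOKEN
environment variable and the confirmation flag are assumptions.
"""
import argparse
import os
import tempfile
from pathlib import Path
from typing import Optional

LOOPBACK = {"127.0.0.1", "localhost", "::1"}


class PathOutsideDataset(ValueError):
    """A client-supplied path would leave the dataset root."""


def resolve_in_root(root: Path, client_path: str) -> Path:
    """Map a client-supplied relative path onto a location under `root`.

    Rejects NUL bytes and absolute paths up front, then resolves symlinks
    and requires the result to still be inside `root`. A string check for
    '..' is not enough: a symlink inside the dataset folder can point
    anywhere, and only the post-resolve containment test catches it.
    """
    if "\x00" in client_path:
        raise PathOutsideDataset("NUL byte in path")
    if os.path.isabs(client_path):
        raise PathOutsideDataset("absolute paths are not accepted")
    root = root.resolve()
    candidate = (root / client_path).resolve()
    if candidate != root and root not in candidate.parents:
        raise PathOutsideDataset(f"{client_path!r} escapes {root}")
    return candidate


def delete_file(root: Path, client_path: str, confirmed: bool) -> None:
    """Destructive operations need an explicit confirmation from the client."""
    if not confirmed:
        raise PermissionError("delete not confirmed by the user")
    target = resolve_in_root(root, client_path)
    if not target.is_file():
        raise FileNotFoundError(client_path)
    target.unlink()


def check_bind(host: str, auth_token: Optional[str]) -> None:
    """Loopback by default; a non-loopback bind is refused without a token."""
    if host not in LOOPBACK and not auth_token:
        raise ValueError(f"refusing to bind {host} without --auth-token; "
                         "use --host 127.0.0.1 or configure authentication")


def parse_bind_args(argv) -> argparse.Namespace:
    """Safe-by-default replacement for `python app.py --host 0.0.0.0 --port 9924`."""
    p = argparse.ArgumentParser(prog="app.py")
    p.add_argument("--host", default="127.0.0.1")
    p.add_argument("--port", type=int, default=9924)
    p.add_argument("--dataset-root", required=True)
    p.add_argument("--auth-token", default=os.environ.get("TLABEL_AUTH_TOKEN"))
    args = p.parse_args(argv)
    check_bind(args.host, args.auth_token)
    return args


def _escapes(root: Path, client_path: str) -> bool:
    try:
        resolve_in_root(root, client_path)
        return False
    except PathOutsideDataset:
        return True


def demo() -> dict:
    """Probe the checks with a constructed dataset folder and an escaping symlink."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        root = base / "dataset"
        root.mkdir()
        (root / "img001.jpg").write_bytes(b"\xff\xd8constructed")
        outside = base / "secret.txt"
        outside.write_text("not part of the dataset")
        out = {
            "plain": resolve_in_root(root, "img001.jpg").name == "img001.jpg",
            "dotdot": _escapes(root, "../secret.txt"),
            "absolute": _escapes(root, str(outside)),
        }
        try:
            (root / "link.txt").symlink_to(outside)
            out["symlink"] = _escapes(root, "link.txt")
        except OSError:
            out["symlink"] = None  # platform without symlink support
        return out


if __name__ == "__main__":
    print(demo())
```

Every browse, upload, download and delete handler should go through resolve_in_root before touching the filesystem; uploads additionally need the resolved parent to be a directory under the root, since the upload filename is client-controlled as well.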

What this means

Private dataset images or video frames could be exposed to unintended connected clients if the service is reachable.

Why it was flagged

The app permits broad cross-origin access and broadcasts progress updates that can include base64-encoded image/video frames, without a clear client identity or access boundary in the shown code.

Skill content
CORS(app) ... SocketIO(app, cors_allowed_origins="*", async_mode='threading') ... progress['current_frame'] = current_frame ... socketio.emit('progress_update', progress)
Recommendation

Restrict CORS/origins, require authentication for SocketIO clients, emit only to the requesting session/room, and avoid broadcasting raw image frames unless the user enables it.
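An added example (not code from the t-label skill or xclabel) of the origin and emit scoping recommended above. It validates the Origin header against an explicit allowlist with exact scheme, host and port matching, refusing wildcard entries, and routes progress_update events only to the session that started the job, dropping the base64 frame unless that session opted in. To keep it runnable offline it does not import flask_socketio: emit is an injected callable standing in for socketio.emit(event, data, to=sid); the session ids, job ids and opt-in flag are assumptions.

```python
"""Scope cross-origin access and progress events to the requesting client.

Added example for this report; not code from the t-label skill or xclabel.
It does not import flask_socketio so it runs offline: `emit` is an injected
callable standing in for socketio.emit(event, data, to=sid). Session ids,
the job ids and the opt-in flag are assumptions.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, Iterable, Optional, Set
from urllib.parse import urlsplit

# Explicit allowlist to use instead of cors_allowed_origins="*" (assumed values).
ALLOWED_ORIGINS = ["http://127.0.0.1:9924", "http://localhost:9924"]


def _key(url: str):
    """(scheme, host, port) with default ports filled in; None if unparsable."""
    try:
        u = urlsplit(url)
        if u.scheme not in ("http", "https") or not u.hostname or u.path not in ("", "/"):
            return None
        port = u.port or (443 if u.scheme == "https" else 80)
    except ValueError:  # e.g. non-numeric port
        return None
    return (u.scheme, u.hostname.lower(), port)


def origin_allowed(origin: Optional[str], allowlist: Iterable[str]) -> bool:
    """Exact scheme+host+port match. A missing or "null" Origin and wildcard
    entries are refused, so a stray "*" in config cannot reopen the service."""
    if not origin or origin == "null":
        return False
    want = _key(origin)
    if want is None:
        return False
    return any("*" not in e and _key(e) == want for e in allowlist)


@dataclass
class ProgressRouter:
    """Send progress only to the session that owns the job; frames are opt-in."""
    emit: Callable[..., None]
    owner_of_job: Dict[str, str] = field(default_factory=dict)
    frames_opted_in: Set[str] = field(default_factory=set)

    def start_job(self, job_id: str, sid: str, *, send_frames: bool = False) -> None:
        self.owner_of_job[job_id] = sid
        if send_frames:
            self.frames_opted_in.add(sid)

    def publish(self, job_id: str, progress: dict) -> Optional[dict]:
        sid = self.owner_of_job.get(job_id)
        if sid is None:
            return None  # unknown job: drop, never fall back to a broadcast
        payload = dict(progress)
        if sid not in self.frames_opted_in:
            payload.pop("current_frame", None)  # no raw frames unless enabled
        self.emit("progress_update", payload, to=sid)
        return payload


def demo() -> dict:
    """Two sessions, one of which opted in to frames, plus an unknown job."""
    sent = []
    router = ProgressRouter(emit=lambda event, data, to: sent.append((event, to, sorted(data))))
    router.start_job("job-1", "sid-A")
    router.start_job("job-2", "sid-B", send_frames=True)
    update = {"processed": 3, "total": 10, "current_frame": "iVBORw0KGgo="}  # constructed
    return {
        "a": router.publish("job-1", update),
        "b": router.publish("job-2", update),
        "unknown": router.publish("job-9", update),
        "sent": sent,
    }


if __name__ == "__main__":
    print(demo())
```

With Flask-SocketIO the same allowlist is passed as cors_allowed_origins=ALLOWED_ORIGINS in place of "*", and the per-session delivery corresponds to emitting with to=request.sid (or a per-job room the client joined after authenticating) rather than a bare socketio.emit.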

What this means

Users may paste cloud API keys into command lines or configuration without clear handling guidance.

Why it was flagged

Provider API keys are expected for AI labeling, but the registry metadata declares no primary credential or environment-variable contract.

Skill content
python tlabel_cli.py annotate ... --api-key "your Alibaba Cloud API key" ... --model "qwen-vl-max"
Recommendation

Document credential handling explicitly, prefer environment variables or a secrets store, and avoid putting API keys in shell history or shared config files.
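An added example (not the t-label CLI's own code) of the credential handling recommended above: the key is read from a permission-checked file or an environment variable, never from a --api-key argument, and is redacted before it reaches any log line. The --api-key-file option, the permission rule and the DASHSCOPE_API_KEY variable name are assumptions; the name follows the DashScope endpoint quoted in the next finding, so check your provider's documentation.

```python
"""Resolve a provider API key without passing it as a command-line value.

Added example for this report; not the t-label CLI's own code. The
--api-key-file option, the file-permission rule and the DASHSCOPE_API_KEY
variable name are assumptions (the name follows the DashScope endpoint in
the finding; check your provider's documentation).
"""
import argparse
import os
import stat
import tempfile
from typing import Mapping, Optional

ENV_VAR = "DASHSCOPE_API_KEY"  # assumption: use the variable your provider documents


class CredentialError(RuntimeError):
    """No usable key, or the key is stored insecurely."""


def read_key_file(path: str) -> str:
    """Read a key from a file that group/other cannot read (POSIX modes)."""
    if os.stat(path).st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise CredentialError(f"{path} is readable by others; run chmod 600 on it")
    with open(path, encoding="utf-8") as fh:
        key = fh.read().strip()
    if not key:
        raise CredentialError(f"{path} is empty")
    return key


def resolve_api_key(env: Mapping[str, str], key_file: Optional[str] = None) -> str:
    """Key file first, then environment. There is deliberately no argv source:
    a --api-key value lands in shell history and in `ps` output for every
    user on the host."""
    if key_file:
        return read_key_file(key_file)
    key = env.get(ENV_VAR, "").strip()
    if key:
        return key
    raise CredentialError(f"set {ENV_VAR} or pass --api-key-file")


def redact(key: str) -> str:
    """Log-safe rendering: only a short suffix survives, enough to tell keys apart."""
    return "****" if len(key) <= 8 else "****" + key[-4:]


def build_parser() -> argparse.ArgumentParser:
    """Hardened shape of `tlabel_cli.py annotate`: no --api-key option at all."""
    p = argparse.ArgumentParser(prog="tlabel_cli.py")
    sub = p.add_subparsers(dest="command", required=True)
    ann = sub.add_parser("annotate")
    ann.add_argument("--model", default="qwen-vl-max")
    ann.add_argument("--api-key-file", help=f"file holding the key (or set {ENV_VAR})")
    return p


def demo() -> dict:
    """Exercise the sources with constructed key files and environment."""
    with tempfile.TemporaryDirectory() as d:
        tight = os.path.join(d, "key")
        loose = os.path.join(d, "key-loose")
        for path in (tight, loose):
            with open(path, "w", encoding="utf-8") as fh:
                fh.write("sk-constructed-123456\n")
        os.chmod(tight, 0o600)
        os.chmod(loose, 0o644)
        out = {"from_file": resolve_api_key({}, tight)}
        try:
            resolve_api_key({}, loose)
            out["loose_rejected"] = False
        except CredentialError:
            out["loose_rejected"] = True
        out["from_env"] = resolve_api_key({ENV_VAR: " sk-env "})
        out["redacted"] = redact(out["from_file"])
        return out


if __name__ == "__main__":
    args = build_parser().parse_args()
    key = resolve_api_key(os.environ, args.api_key_file)
    print(f"using key {redact(key)} with model {args.model}")
```

Removing the --api-key option entirely, rather than merely discouraging it, is what prevents the key from showing up in shell history, process listings and copied command lines in issue reports.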

What this means

Selected images may leave the local machine and be processed by a third-party AI provider.

Why it was flagged

The tool sends encoded image content to an external model-provider API for annotation, which is purpose-aligned but important for users to understand.

Skill content
image_base64 = base64.b64encode(encoded_image_byte).decode("utf-8") ... client = OpenAI(api_key=self.api_key, base_url="https://dashscope.aliyuncs.com/compatible-mode/v1")
Recommendation

Use only datasets you are allowed to share with the configured provider, and review the provider’s data-retention and privacy terms.