Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

vision-skill

v1.0.0

Use this skill for computer vision tasks including image recognition (OCR, object detection) and image generation (text-to-image, image-to-image). Supports a...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description describe vision recognition and image generation and the code implements Tencent COS uploads and calls a Doubao (Volcengine) API — these capabilities align with the stated purpose. However the registry metadata lists no required env vars while the SKILL.md, README and code require COS_* and DOUBAO_* credentials, which is an incoherence between metadata and actual requirements.
Instruction Scope
SKILL.md and CLI instruct uploading local images to COS, calling Doubao endpoints, storing async task files under a local .tasks/ directory, and optionally downloading generated images — the instructions and included code stay within that scope and do not attempt to read unrelated system files or credentials beyond those needed for COS/Doubao.
Install Mechanism
This is labelled as instruction-only in the registry, but the package includes Python source and a requirements.txt (requests, python-dotenv, cos-python-sdk-v5). There is no download-from-URL or opaque installer; installing implies pip installing listed deps and running bundled scripts. The discrepancy between 'no install spec' and presence of code is noteworthy but not inherently malicious.
Credentials
The code requires Tencent COS credentials (COS_SECRET_ID, COS_SECRET_KEY, COS_BUCKET_NAME, COS_REGION) and DOUBAO_API_KEY (plus optional fallback model vars). Those credentials are appropriate for the described cloud storage and model API usage, but the registry metadata incorrectly declared 'Required env vars: none' — a meaningful mismatch. Also the COS client uses permanent keys (Token=None), so users should understand they're providing full access keys rather than short-lived tokens.
Persistence & Privilege
The skill does not request always:true or global agent privileges. It writes task state and logs under a local .tasks/ directory and spawns worker processes when a task is submitted — expected for an async CLI-style skill. It does not modify other skills' configs or system-wide settings.
What to consider before installing
Key points before installing:
- Do NOT trust the registry metadata that says 'no env vars' — this skill requires your Tencent COS keys and a Doubao/Volcengine API key. Only provide those secrets if you intend the skill to upload images to your COS bucket and call the Doubao API.
- Verify the API endpoint: the client uses https://ark.cn-beijing.volces.com/api/v3 which does not match the README link to console.volcengine.com; confirm this hostname is legitimate for your provider or replace it with an official endpoint from your Doubao/Volcengine account.
- Use least-privilege credentials: create a COS bucket and keys scoped to that bucket (and consider using short-lived tokens if possible) rather than reusing broad permanent keys.
- Inspect and run the code in an isolated environment first (e.g., throwaway VM or container). The scripts will write to a local .tasks directory and .tasks/worker.log, spawn background worker processes, and upload local files to COS — confirm that behavior is acceptable.
- If you will expose sensitive images, set the COS bucket permissions appropriately (private by default) and review how temporary URLs are generated/used.
- If anything (metadata mismatch, unusual base_url, or unexpected network endpoints) looks off, ask the publisher for clarification or consider alternative, better-audited tools.


latestvk975dfav71sxf6m3tdyezxh36h838177
