Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

focusavatar

v0.1.0

Digital-human (avatar) generation CLI tool. It calls the backend API with an accessKeyId/accessKeySecret pair, supports submitting tasks (MP3/MP4/text → video) and querying task results (by orderNo). It stores no user data; credentials are sent only in request headers.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The code, SKILL.md, README, and scripts all implement a client that submits MP3/MP4/text to a backend and polls for results — this matches the stated purpose. However the registry metadata initially reported 'Required env vars: none' and 'Primary credential: none' while skill.json and the scripts clearly require FOCUSAVATAR_ACCESS_KEY_ID and FOCUSAVATAR_ACCESS_KEY_SECRET. This mismatch between registry summary and the embedded files is an incoherence that reduces trust.
Instruction Scope
Runtime instructions and scripts are narrowly scoped to: read credentials from env or prompt, POST to two endpoints (/skill/api/submit and /skill/api/api/result) and poll until done. The skill does not read other system files or unrelated environment variables. Caveats: the polling loop has very long/infinite timeouts (requests timeout set to very large values and no retry cap), meaning the agent may be held for minutes; the code will repeatedly contact whatever BASE_URL (FOCUSAVATAR_API) you configure, so ensure that endpoint is trusted.
Install Mechanism
There is no formal install spec in the registry; SKILL.md suggests using 'npx skills add https://github.com/lintqiu/focusavatar'. Downloading from a public GitHub repo is common, but the package provenance is unclear (Source: unknown, no homepage). Verify the referenced GitHub repo and its owner before installing. No third-party binary downloads or obscure URLs are present in the code.
Credentials
The skill legitimately needs an accessKeyId/accessKeySecret to call the backend and uses explicit header names (X-Access-Key-Id / X-Access-Key-Secret). That is proportionate to the described API usage. However, the registry metadata incorrectly omitted these required env vars, and skill.json declares credentials while the registry summary did not — this inconsistency is suspicious. Also the default backend/domains (https://yunji.focus-jd.cn and https://login.joycoreai.com/) are not clearly branded; confirm you trust the service that will receive your credentials and content.
Persistence & Privilege
The skill does not request elevated OS privileges, does not set always:true, and the code does not persist credentials to disk. It only sends credentials in request headers to the configured backend. That behavior is consistent with the declared non-persistence.
What to consider before installing
This skill's code matches its stated function (submit media/text and poll a backend). Before you install or provide credentials:
1) Verify the repo/source (the package references a GitHub repo owner 'lintqiu' but the registry shows 'Source: unknown' and no homepage).
2) Confirm the backend domain (FOCUSAVATAR_API default https://yunji.focus-jd.cn and console link https://login.joycoreai.com/) belongs to a trusted provider. If not, do not reuse important credentials.
3) Prefer creating a scoped/test key on the provider with minimal permissions and limited quota rather than using high-value credentials.
4) Be aware the script polls for minutes with very long timeouts; if run by an autonomous assistant it may consume long run-time.
5) If you need higher assurance, inspect the referenced GitHub repo history and commits, and run the Python scripts in an isolated environment (or container) with a throwaway credential first.
If you cannot confirm the provider and repository, treat this skill as untrusted.


