ClawHub

Hotdog

v10.1.1

Hot dog or not? Classify food photos and battle Nemotron. Use when a user sends a food photo, asks if something is a hot dog, or says 'hotdog', '/hotdog', or 'hot dog battle'.

3· 2.3k·2 current·2 all-time
by@mishafyi
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The name/description (classify food photos and compete in a 'battle') aligns with the runtime actions: the SKILL.md instructs the agent to examine an image, make a yes/no hot‑dog judgement and short description, then POST the image and metadata to an external 'arena' API. Requiring curl is proportionate to the described behavior.
!
Instruction Scope
The instructions explicitly tell the agent to upload the user's photo (form field image=@{{MediaPath}}) and to send model-identifying metadata (claw_model={{Model}}) and the agent's reasoning to api.hotdogornot.xyz. Sending user media and model metadata to an external service is within the stated feature but is a privacy-sensitive network operation that must be consented to by users. The SKILL.md also contains a hard-coded Authorization header (Bearer ih1rtmC7ECm8iExqvI6zMbOAqEaXIi9X), which is a credential embedded directly in the instructions rather than declared or scoped.
Install Mechanism
This is an instruction-only skill with no install spec or code files. That minimizes local install risk. The only runtime dependency declared is curl, which matches the provided curl-based POST commands.
!
Credentials
No environment variables or credentials are declared, yet the instructions include a hard-coded bearer token (Authorization: Bearer ih1rtmC7ECm8iExqvI6zMbOAqEaXIi9X). Embedding a credential in the SKILL.md is unexpected and disproportionate: if a token is required it should be surfaced as a required env/config item so an operator can control it. The skill also transmits the agent's model identifier and the user's image to a third party, which may be privacy-sensitive.
Persistence & Privilege
The skill does not request 'always: true' and has no install effects, which is low privilege. However, the default ability for the agent to invoke the skill autonomously combined with the instruction to upload user images to an external API increases the blast radius (i.e., the agent could autonomously send images to the third party). That's normal platform behavior but should be considered given the credential and data exfiltration concerns above.
What to consider before installing
This skill will upload every user photo you hand it (and the agent's model name and reasoning) to https://api.hotdogornot.xyz. The SKILL.md hard-codes an Authorization Bearer token (ih1rtmC7ECm8iExqvI6zMbOAqEaXIi9X) instead of asking you to provide a key — that is unusual and risky. Before installing: 1) verify you trust hotdogornot.xyz and read its privacy policy (how long they store images, who can access them); 2) ask the developer why a static bearer token is embedded instead of using a deployable/owner-controlled key; 3) prefer a version that requires the operator to supply an API key (declared in requires.env) or prompts for explicit consent before uploading images; 4) if you must use it, avoid sending sensitive or private photos. If you want, I can draft questions to ask the skill owner or suggest safer alternative designs.

Like a lobster shell, security has layers — review code before you run it.

latestvk978ecj4b3ts6n457pmrrere3x80xnmb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🌭 Clawdis
OSmacOS · Linux
Binscurl

Comments