Image-crawler

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This image-crawling skill is coherent and purpose-aligned, but users should be aware that it runs local Python code, downloads files from the web, and stores a small persistent deduplication record.

This skill appears suitable for user-requested image collection. Before installing or invoking it, make sure you are comfortable with it running Python code, accessing Baidu/Bing and image-hosting sites, downloading many files, and keeping a `.dedup_hashes.json` history file in the output folder.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may run a background download job that creates many files in the selected folder.

Why it was flagged

The skill tells the agent to launch a local Python crawler in the background and monitor it. This is expected for long-running image downloads, but it means the agent will execute code and write downloaded files when invoked.

Skill content

Launch the script with `exec` using `background: true`

Recommendation

Before use, confirm the keywords, target count, engine, and output directory; stop the background process if it is not behaving as expected.

What this means

The skill may fail until the user installs a Python dependency, and dependency provenance is not captured by the registry metadata.

Why it was flagged

The script depends on the external Python package `requests`, but the registry requirements list no required binaries or dependencies, and there is no install spec.

Skill content

import requests ... "requests 未安装,请运行: pip install requests"

Recommendation

Install dependencies from a trusted Python environment and consider updating the skill metadata to declare Python and requests explicitly.

What this means

Someone with access to the output folder could infer what image sources were downloaded.

Why it was flagged

The deduplication file stores downloaded image hashes and source URLs across runs in `.dedup_hashes.json`.

Skill content

"hashes": ["d41d8cd9...", "..."],
"urls": ["https://...", "..."],

Recommendation

Keep output folders private when needed, and delete `.dedup_hashes.json` if you want to reset deduplication or avoid sharing download history.