Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
cloudflare-media
v1.0.0使用 Cloudflare Workers AI 生成图片或语音。触发条件: - 文生图:"生成图片"、"文生图"、"text-to-image"、"AI 作图"、"帮我画" - TTS:"文字转语音"、"TTS"、"读出来"、"语音合成"、"text-to-speech
⭐ 0· 50·0 current·0 all-time
byn0nsense@n0nsense11
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description claim Cloudflare Workers AI for image and TTS generation and the SKILL.md contains curl examples against Cloudflare AI endpoints — that's coherent. However, the skill's registry metadata lists no required env vars or primary credential, while the runtime instructions explicitly expect an Account ID and API Token (from skills/cloudflare-media/config.json or MEMORY.md, or by prompting the user). That mismatch (declared no credentials vs instructions needing credentials) is an inconsistency.
Instruction Scope
The SKILL.md instructs the agent to read credentials from skills/cloudflare-media/config.json and MEMORY.md (local files) and to run curl/exec commands. Asking to read MEMORY.md is notable because memory may contain unrelated secrets or context; instructions therefore expand scope beyond the stated API usage and grant the skill broad discretion to access local agent state.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so it doesn't write or download artifacts during installation — low install-surface risk.
Credentials
The skill needs a Cloudflare Account ID and API Token according to SKILL.md, but none are declared in the registry metadata (requires.env/primary credential). It also prefers reading local files for credentials (skills/.../config.json and MEMORY.md). Requiring an account-level token is reasonable for Cloudflare API calls, but the lack of declaration plus the instruction to read MEMORY.md is disproportionate and could expose other secrets if MEMORY.md contains them.
Persistence & Privilege
always:false (good). The skill requests permissions to Read/Write/Edit/Exec in allowed-tools, which is consistent with running curl and saving outputs, but Exec + Read access means it can run commands and read local files when invoked. That capability is expected for a runtime that shells out, but it raises risk if you permit the skill broad autonomous use or store sensitive data in the referenced files.
What to consider before installing
This skill appears to implement Cloudflare Workers AI calls for images and TTS, but its instructions expect your Cloudflare Account ID and API Token to be read from skills/cloudflare-media/config.json or MEMORY.md even though the registry declares no credentials. Before installing:
- Do not store global or high-privilege secrets in MEMORY.md; inspect that file's contents first. Prefer providing a scoped API token at runtime rather than persisting it in shared memory.
- Create a Cloudflare API token with the minimal scopes required (limit to AI/model usage or the least-privilege equivalent) and avoid using your full account key.
- Review the skill's config file (skills/cloudflare-media/config.json) before allowing it to be read; keep credentials in a dedicated secret store if possible.
- Be aware the skill is allowed to Exec and perform curl calls; avoid enabling autonomous/always-on behavior if you don't want it to invoke without each explicit approval.
If you want a stronger assurance, ask the skill author to (1) declare required credentials in registry metadata, (2) avoid reading MEMORY.md, and (3) document exact token scopes needed. If the author cannot provide that, treat the skill as higher-risk and only use with ephemeral, scoped tokens.Like a lobster shell, security has layers — review code before you run it.
latestvk97a4t8ew4nejmha9gstmpsw6x83hw0r
License
MIT-0
Free to use, modify, and redistribute. No attribution required.