Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Travel Frog 旅行青蛙

v1.0.0

A travel frog that autonomously explores the world, sends postcards, and takes photos.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description align with the code and instructions: a local 'travel frog' engine that keeps state, archives postcards/photos, and writes diary/memory. However the skill intentionally reads a workspace-level IDENTITY.md and memory files outside its scripts directory to personalize behavior — plausible for personalization but broader than a strictly self-contained toy.
!
Instruction Scope
SKILL.md and templates explicitly instruct the agent to read/write files outside the skill folder (workspace/IDENTITY.md, memory/YYYY-MM-DD.md), append diaries via exec (echo >> file), and to always run the engine via exec. Those steps permit reading the user's workspace-level identity/memory and modifying files; this is functionally justified by the skill's behavior but expands the scope to potentially sensitive user data.
Install Mechanism
No install spec (instruction-only) and only requires python3; nothing is downloaded or written during install. Low install risk.
Credentials
The skill declares no required credentials or env vars, and the code uses an optional FROG_STATE_DIR env var. Templates reference external image-generation tools (OpenAI/Gemini scripts) which may in turn use credentials; those are not required by the skill itself but the runtime may invoke other skills/tools that do need secrets.
!
Persistence & Privilege
always:false and no autonomous privilege escalation, but the engine will create and write to travel-frog-data in the workspace and to media directories (~/.openclaw/media). Templates direct the agent to append to memory files and collections. The skill does persist state and modifies files in workspace-level locations — benign for this app but potentially surprising if users expect the skill to be entirely self-contained.
What to consider before installing
This skill appears to be a local, file-backed 'travel frog' that personalizes behavior by reading/writing files in your workspace. Before installing or enabling it:
- Note it will read workspace/IDENTITY.md and recent memory diary files and will append diary entries (echo >> ...) — if you keep sensitive data in those locations, the skill will access/modify it.
- It will create a travel-frog-data directory (default under your workspace) and write logs, state.json, collections.json, postcards, and backups. If you want isolation, set FROG_STATE_DIR to a sandbox directory before running.
- Templates instruct calling external image-generation scripts (OpenAI/Gemini) via exec; those calls may use other skills or local credentials. Review or sandbox any referenced image-generation scripts and their credentials.
- Recommended precautions: back up workspace files you care about, run the skill in a dedicated workspace or set FROG_STATE_DIR to an isolated path, and review the image-generation toolchain it will invoke. If you need a tighter boundary, request a version that confines all reads/writes strictly to its own skill directory.

Like a lobster shell, security has layers — review code before you run it.

latest: vk97007mpv652adc6p7bs4rg59h82e8tj

Runtime requirements

🐸 Clawdis
Bins: python3
