ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Alt Text Generator Mcp

v1.0.0

Generate accessible alt text and descriptions for images using local AI vision (Qwen2.5-VL). Returns JSON with alt_text and detailed description.

0· 34·0 current·0 all-time
by@ntriq-gh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The name/description claim '100% local AI inference (Qwen2.5-VL)' and 'local AI vision', but the code calls an external HTTP API (default AI_API_ENDPOINT = https://ai.ntriq.co.kr/analyze/image) and SKILL.md shows curl examples to https://x402.ntriq.co.kr. There is no embedded/local model code or model binaries in the package. The use of Apify Actor.charge and agnost tracking implies platform billing integrated into the runtime even though the skill metadata declares no required env vars or credentials. These are clear mismatches between stated purpose and actual capabilities.
!
Instruction Scope
SKILL.md instructs callers to POST to x402.ntriq.co.kr and mentions micropayments; code sends image_url and prompt to the external AI endpoint and returns results. The instructions and code do not ask to read local files, but they do perform network calls and billing operations not described in the registry metadata (no required env vars declared). The SKILL.md's claim of 'zero external API calls' contradicts both usage examples and the handler implementation.
Install Mechanism
No install spec is provided (instruction-only install), so nothing will be automatically downloaded/installed by the platform. The repository includes package.json and standard npm dependencies, but there is no packaged or remote install URL in the skill manifest. This is low install-mechanism risk from the platform's perspective.
!
Credentials
The registry metadata lists no required environment variables or credentials, but the code reads process.env.AI_API_ENDPOINT, AI_REQUEST_TIMEOUT, and APIFY_CONTAINER_PORT. It also calls Actor.charge which on some runtimes requires platform credentials/config. The skill performs network I/O to a remote AI endpoint and to a micropayment flow (SKILL.md references auto-pay USDC on Base and RapidAPI proxy secrets). Required credentials for payment or Apify use are not declared, creating an incomplete and disproportionate environment/credential picture.
Persistence & Privilege
The skill is not marked always:true and does not attempt to modify other skills or system-wide config. It runs as an HTTP server within an Apify Actor pattern and uses normal logging and Actor APIs. Autonomous invocation is allowed by default (disable-model-invocation: false) which is normal; this combined with other concerns increases risk but the skill does not request persistent elevated privileges itself.
What to consider before installing
This skill is inconsistent: it advertises '100% local' inference but the code submits images to a remote endpoint (ai.ntriq.co.kr/x402) and integrates billing (Actor.charge, micropay) while declaring no required env credentials. Before installing or enabling it: 1) ask the author to explain and correct the local-vs-remote claim; 2) request a clear list of environment variables/credentials the skill actually needs (Apify tokens, payment keys, AI endpoint overrides); 3) review and confirm the external endpoints (x402.ntriq.co.kr and ai.ntriq.co.kr) are trusted and acceptable for sending image data (privacy risk); 4) if you require true local inference, do not install — this skill does not include local model binaries; 5) avoid enabling autonomous invocation on sensitive agents until these inconsistencies are resolved. If you need help, ask the maintainer for a version that either (a) truly runs locally with bundled model code, or (b) explicitly documents remote endpoints, required credentials, and billing behavior.
src/handlers/alttext.js:7
Environment variable access combined with network send.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cxqqcgaj0tss2bes3qw26d1841cpn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments