Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Digital Avatar
v1.0.0数字人/虚拟形象生成和口播视频制作。支持多个后端:可灵 Kling、即梦 Jimeng、HeyGen、D-ID、Synthesia。输入形象描述或真人照片,输出数字人资源ID或口播视频片段。触发词:数字人、虚拟人、AI主播、avatar、口播视频、talking head。
⭐ 2· 114·0 current·0 all-time
byOlivia_Pp@oliviapp8
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill's stated purpose (creating digital avatars and spoken videos) legitimately requires API credentials for the listed backends (Kling, Jimeng, HeyGen, D-ID, Synthesia). However, the registry metadata declares no required environment variables, no primary credential, and no required config paths — despite SKILL.md instructing the agent to read API keys from openclaw.json. That mismatch (manifest declares no credentials but runtime instructions expect them) is incoherent.
Instruction Scope
SKILL.md explicitly instructs uploading user photos and audio samples to third-party APIs and reading configuration from openclaw.json. Uploading personally identifiable images and voice samples and performing voice cloning are sensitive actions but are in-scope for this feature. The concern is the instructions require access to user media and a local config file that the registry did not declare; the skill will transmit user content to external services (the documented vendor domains).
Install Mechanism
This is an instruction-only skill with no install spec and no code files — lowest install risk. There is no downloader or extracted archive; nothing is written or installed by the skill itself.
Credentials
The SKILL.md and references/backend-setup.md require multiple third-party API keys (Kling access_key/secret_key, Jimeng api_key, HeyGen/D-ID/Synthesia keys) to operate. The skill metadata lists no required env vars or primary credential and no required config paths, so the credential access is not declared. Requiring many unrelated service keys without declaring them in the manifest is disproportionate and reduces transparency.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request permanent inclusion. The SKILL.md suggests caching avatar_id for convenience (normal behavior) but does not ask to modify other skills or system-wide settings.
What to consider before installing
This skill appears to be what it claims (creating avatars and talking-head videos), but it has two important issues you should resolve before installing or using it:
1) Manifest mismatch: SKILL.md requires API keys/config in openclaw.json (Kling, Jimeng, HeyGen, D‑ID, Synthesia), but the skill metadata declares no required credentials or config paths. Ask the author to explicitly declare which credentials/config locations the skill will read and to update the registry metadata.
2) Sensitive uploads: the skill will upload user photos and voice samples to third‑party services for avatar creation and voice cloning. Only supply media you own or have explicit permission to use. For voice cloning, follow legal and ethical rules for consent. If possible, create limited-scope API keys for each backend and verify vendor data-retention/privacy policies before use.
Additional recommended checks:
- Confirm the exact path/name of openclaw.json the skill will read and whether it will read any other files.
- Ask where avatar/video URLs are hosted and how long third parties retain uploaded media.
- Prefer creating per-skill or per-project API keys with minimal permissions and rotate/delete them if you stop using the skill.
If the author cannot clarify or update the manifest to list required credentials/config paths, treat the skill as untrusted for sensitive data.Like a lobster shell, security has layers — review code before you run it.
latestvk971fqvp9rj1n26s17tt5cwzy983dart
License
MIT-0
Free to use, modify, and redistribute. No attribution required.