Advanced QR Intelligence
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: qr-code-pro Version: 1.0.0 The OpenClaw AgentSkills bundle 'qr-code-pro' provides Python scripts for generating and reading QR codes. The `SKILL.md` clearly outlines the purpose and usage, with no evidence of prompt injection attempts. The Python scripts (`scripts/qr_generate.py` and `scripts/qr_read.py`) utilize standard libraries (`qrcode`, `Pillow`, `pyzbar`) for their stated functionality, performing only necessary file I/O (reading/writing images). There is no indication of data exfiltration, malicious execution, persistence mechanisms, or any other high-risk behaviors.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing these dependencies may add third-party code to the user's environment, so the user should trust the package sources.
The skill asks the user to install unpinned Python packages and native zbar dependencies manually. This is expected for QR generation/reading, but it relies on external package provenance outside the provided artifacts.
pip install qrcode pillow ... pip install pillow pyzbar ... macOS: `brew install zbar` ... Linux: `apt install libzbar0`
Install dependencies in a virtual environment from trusted package managers, consider pinning versions, and review package provenance if using this in a sensitive environment.