glm-grounding
PassAudited by ClawScan on May 1, 2026.
Overview
The skill is coherent for image grounding, but users should verify the model endpoint, local config path, proxy-bypass setting, and helper modules before relying on it.
Before installing, confirm that the GLM model endpoint is one you trust, that proxy-bypass settings are acceptable in your environment, and that any referenced helper modules or local model configuration files come from trusted sources.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Images and prompts used with this skill may be processed by the configured model service.
The skill sends the user's image and prompt to a model API. That is central to image grounding, but the endpoint becomes a data boundary users should trust.
response = HttpInterface(url, prompt, images=[image_path], no_think=True)
Use the skill only with a trusted model endpoint, especially for private or sensitive images.
Requests to the model host may avoid the user's normal proxy path.
The instructions explicitly set proxy-bypass environment variables for the model host. This is explained as necessary for intranet model access, but it can bypass normal proxy routing for that host.
os.environ['NO_PROXY'] = '<model-host>' # 跳过代理
Confirm the model host is trusted and keep the NO_PROXY setting limited to the intended endpoint.
Actual behavior may depend on environment-provided helper code outside this artifact.
The skill depends on helper modules that are referenced in instructions but not included in the provided artifact set. This is not suspicious by itself for an instruction-only skill, but users should verify where those helpers come from.
from interface_http import HttpInterface from utils_boxes import parse_bboxes_from_response, visualize_boxes
Install or use only trusted versions of the referenced helper modules.
The agent may look at local model configuration to find the endpoint, which could expose environment details if mishandled.
The instructions point to a local OpenClaw model configuration file for the API address, while metadata declares no required config paths. The artifact does not show credential extraction, but this config location should be treated carefully.
模型 API 地址配置在 `/root/.openclaw/agents/main/agent/models.json`
Declare and scope any required config access, and avoid reading or exposing secrets from the model configuration file.