ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Intelligent Public Smoking Detection Skill | 公共场所吸烟行为智能检测技能

v1.0.3

Automatically detects smoking behavior in target areas based on computer vision; supports real-time detection of video streams, images, and video files; iden...

0· 32·0 current·0 all-time
by生命涌现@raymond758
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The code and SKILL.md implement computer-vision smoking detection and history listing, and declare a dependency on a common base (smyx_common) which is expected. However the package also contains a full face-analysis subskill and a large 'smyx_common' library (API helpers, local DAO/SQLite code, large requirements list), which expands the runtime footprint beyond a minimal smoking-detector. This broader bundle is plausible (reusing shared base code) but increases surface area and should be justified.
!
Instruction Scope
SKILL.md contains strong runtime rules (eg. 'absolutely forbid reading any local memory files' and 'must fetch history from cloud API only'), but the code includes a local DAO/SQLite layer (skills/smyx_common/scripts/dao.py) and logic that will read/write local files (saving attachments to the skill directory and writing a DB under workspace/data). The skill also instructs automatic saving of uploaded attachments into the skill directory. These behaviors contradict the 'no local memory' rule and broaden data persistence and exfiltration risk.
Install Mechanism
There is no install spec (instruction-only installation) which avoids remote downloads, but the bundle includes many code files and a large requirements list in smyx_common (dozens of packages). That means installing dependencies would pull a heavy set of packages; while not automatically malicious, it is disproportionate to a small detection script and increases attack surface if installed in your environment.
Credentials
The skill declares no required env vars, and most configuration comes from local config.yaml files (skills/smyx_common/scripts/config.yaml and the skill-local copy). The code also reads environment variables such as OPENCLAW_SENDER_OPEN_ID, OPENCLAW_WORKSPACE, FEISHU_OPEN_ID for defaults. These are plausible for operation but should be understood: the skill will look in config files and environment for API URLs/keys and open-id. No unrelated cloud credentials are requested, but the reliance on workspace config and env vars means it may access cross-skill configuration.
!
Persistence & Privilege
The skill will save uploaded attachments to an attachments folder and the included smyx_common DAO will create/use a local SQLite DB under the workspace/data path. This creates persistent local state across runs and cross-skill workspace files. The skill is not marked always:true, but the persistent storage behavior and automatic saving of user-supplied media increases blast radius and privacy risk.
What to consider before installing
Things to check before installing or running this skill: - Source verification: the skill's homepage is missing and the publisher is unknown. Prefer skills from known sources. - Persistent storage: the skill will save uploaded media to the skill directory and the smyx_common module will create/use a local SQLite DB under the workspace (workspace/data). Do not upload sensitive videos/images if you install it untrusted. Inspect and, if needed, sandbox the skill's workspace. - Conflicting rules: SKILL.md forbids reading local memory but the code includes local DB and filesystem writes — ask the author to explain and resolve this contradiction. - Configuration and endpoints: review skills/smyx_common/scripts/config.yaml and other config files to confirm the API base-URLs and any api-key locations are acceptable. The code will derive open-id from local config files or environment variables; ensure you understand which values will be used and that no secret is leaking. - Dependency footprint: smyx_common requires many Python packages; installing them pulls a large dependency surface. Consider running in an isolated environment (container/VM) rather than on a production machine. - Code review: if you plan to use it, review RequestUtil / util.py and dao.py to see exactly how HTTP requests are made, what headers/params are sent, and how stored data is used or exposed. If you can't validate these points, treat the skill as untrusted and avoid uploading any sensitive media to it.
!
skills/smyx_common/scripts/config-dev.yaml:2
Install source points to URL shortener or raw IP.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.

Like a lobster shell, security has layers — review code before you run it.

latestvk9782fyrym8qb71azsg6d1w8dn8454t9

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments