Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Stranger Proximity Alert Skill | 陌生人靠近预警技能
v1.0.0
Detects the appearance of strangers near minors and actively issues safety reminder alerts to protect minor safety, suitable for homes, schools, childcare ce...
by 生命涌现 (@raymond758)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill claims to detect strangers near minors using video analysis — and the code does call remote AI analysis endpoints and contains helpers for uploading video and listing reports, which matches the purpose. However the package/registry metadata declares no required config paths or credentials while the SKILL.md and code expect configuration files (skills/smyx_common/scripts/config.yaml, workspace-level config) and open-id values. That mismatch (declaring no required env/config but relying on them) is incoherent and surprising.
Instruction Scope
SKILL.md instructs the agent to save uploaded attachments to a skill attachments directory, to strictly not read local 'memory' files but to read configuration files for open-id, and to call local scripts (python -m scripts.stranger_approach_warning_analysis) which in turn call remote APIs. The document forbids using local long-term memory for history yet also prescribes reading/writing files under the skill/workspace — these constraints conflict. The runtime instructions will cause user-supplied video (sensitive PII) to be transmitted to external APIs and produce report links; this behavior is expected for a cloud-analysis skill but must be explicitly disclosed to users of minors' footage.
Install Mechanism
There is no install spec (instruction-only), which reduces install-time code execution risk. Nevertheless the repository contains many Python modules and requirements.txt files (including a large smyx_common dependency list). The skill does not declare these dependencies in registry metadata; if the runtime environment lacks them the scripts will fail. No remote archive downloads or obfuscated installers were found.
Credentials
The registry lists no required environment variables, yet the code and Base ConstantEnum read environment variables (e.g. OPENCLAW_SENDER_OPEN_ID, OPENCLAW_SENDER_USERNAME, FEISHU_OPEN_ID, OPENCLAW_WORKSPACE) and the SKILL.md requires reading config files for an open-id and optionally api-key/api-url. The code also uses API base URLs from skills/smyx_common config that point to external domains. In short, the skill will access environment/config values not declared in metadata and may send sensitive media to external endpoints — the necessary environmental access is broader than advertised.
Persistence & Privilege
Although always:false, the code includes a DAO layer that creates and writes a local SQLite database under the workspace (workspace/data/smyx-common-claw.db) and SKILL.md mandates saving uploaded attachments to the skill directory. The SKILL.md simultaneously forbids reading local memory for history but the codebase contains local persistence mechanisms. This mismatch means the skill will create persistent files locally (and also communicate with remote servers).
What to consider before installing
This skill performs cloud-based analysis of user-supplied video/images (including potentially sensitive footage of minors) and expects to read config files and environment variables that are not declared in the registry metadata. Before installing or running it:
1) Inspect skills/smyx_common/scripts/config.yaml and any workspace-level config for API endpoints and API keys (they point to external domains such as lifeemergence.com and test/dev hosts).
2) Confirm where uploaded media will be sent and whether you consent to sending minors' footage to those servers.
3) Be aware the skill will create local files (attachments and a SQLite DB under workspace/data) despite SKILL.md claiming 'do not use local memory' — review and control filesystem locations and permissions.
4) If you do not control the remote API or do not trust the operator, use a sandbox or a local-only replacement service.
5) Ask the publisher for clarity on required environment variables, what is stored locally, and a privacy/data-retention policy; do not assume no secrets or local access are needed because the registry metadata lists none.

skills/smyx_common/scripts/config-dev.yaml:2
Install source points to URL shortener or raw IP.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.
Like a lobster shell, security has layers — review code before you run it.
latest vk978ssbd6kk5yjx5n334gsrpzx845wzk
