Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Stroke Risk Screening Analysis Skill | 脑卒中风险筛查分析技能
v1.0.1
Combines TCM facial feature recognition with physiological indicator information to provide early warnings of high-risk stroke conditions such as cerebral in...
by 生命涌现 (@raymond758)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The name/description (TCM face + physiological indicators for stroke-risk screening) aligns with the code: scripts perform file validation, build multipart uploads and call remote analysis APIs. However, there are oddities: the SKILL.md instructs the agent to treat an api-key field in local config as an 'open-id' (user identifier), which conflates credentials and user identity. The repository also contains a general-purpose local DAO/SQLite layer (skills/smyx_common) that is broader than strictly necessary for a simple upload-and-query skill.
Instruction Scope
SKILL.md enforces strict runtime rules (e.g., 'do not read local memory files' and 'always fetch history from cloud') while simultaneously instructing the agent to read config files in skills/smyx_common/scripts/config.yaml or workspace-level config to obtain open-id. The runtime scripts will read local files (media) and send them to remote APIs and will save uploaded attachments to the skill directory. The instructions therefore both forbid and require local file/config access in different places — a scope inconsistency that could lead to accidental data exposure.
Install Mechanism
There is no install spec (instruction-only install), but the bundle includes many Python modules and large requirements lists (skills/smyx_common/requirements.txt, face_analysis requirements). Running the code will implicitly require installing many dependencies; no vetted release URLs are used. Absence of an explicit install step reduces install-time visibility but running the scripts will still execute included code.
Credentials
The skill declares no required env vars, yet the code reads environment variables (e.g., OPENCLAW_SENDER_OPEN_ID, OPENCLAW_SENDER_USERNAME, FEISHU_OPEN_ID, OPENCLAW_WORKSPACE via Dao logic) and prefers reading local config YAMLs for API URLs/keys. The SKILL.md mandates retrieving an 'open-id' from a config api-key field (confusing identity and credential). Requesting user identifiers and optionally API keys is reasonable, but the omission from declared requirements plus the conflation of api-key/open-id is disproportionate and confusing.
Persistence & Privilege
always:false (no forced inclusion) and no explicit escalation flags. However the code contains local persistence utilities: a SQLite DAO that writes to workspace/data and logic to save uploaded attachments and output files. That means the skill may create files and a local DB in the agent workspace — persistent state beyond ephemeral runtime.
What to consider before installing
This skill will upload user-supplied face photos/videos (and optional physiological values) to a remote analysis service and may store files and a local SQLite DB under the agent workspace. Before installing or running:
1) Verify and trust the remote endpoints (config points to lifeemergence.com by default and other dev URLs are present).
2) Be cautious about providing any 'open-id' or API key: the SKILL.md instructs reading an api-key field as an 'open-id', which is confusing and could leak credentials if misused.
3) Expect the code to read local config files and environment variables (not listed in the registry metadata) and to write attachments/output to the workspace.
4) If you need tighter safety, run the skill in a sandboxed environment, inspect/change ApiEnum base URLs to your trusted server, or request the author to clarify the open-id flow and to explicitly document required env vars.
Because of the inconsistencies and undeclared environment/config access, treat this skill as suspicious until you can confirm the endpoints and identity-handling are intentional and safe.
Static analysis findings
skills/smyx_common/scripts/config-dev.yaml:2: Install source points to URL shortener or raw IP.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.
Like a lobster shell, security has layers: review code before you run it.
Version: latest (vk97eeyeg5yfk05w3kffbtx1yr5845tra)
