ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

tl-aliyun-image-generator

v1.0.0

【专属触发指令:千问画个图】调用阿里云通义万相生成高质量图片。仅当用户的指令以“千问画个图”开头时,才允许路由到此技能。

0· 95·0 current·0 all-time
bywangliangyi@roykingw
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the included code and instructions: the skill runs a local Python script that calls an Aliyun text-to-image endpoint. No unrelated binaries or cloud credentials are requested up front.
!
Instruction Scope
SKILL.md explicitly instructs the agent to prompt users to paste their Aliyun API Key into the chat (plaintext) when the script prints [NEED_KEY]. That grants the skill broad ability to solicit sensitive secrets from users and does not suggest a secure input mechanism. It also tells the agent to run a local script and report a local file path back to the user — acceptable for the purpose, but combined with secret solicitation this expands risk.
Install Mechanism
There is no installer spec, but the included script will auto-install the 'requests' package at runtime by invoking pip (subprocess). Runtime pip installs are common but carry risk (network fetching, arbitrary code execution during install) and the script does not pin versions or validate the environment.
!
Credentials
The skill requests the user's Aliyun API Key by instructing the agent to ask users to paste keys (sk-...). The script then saves the key unencrypted to a local file (.aliyun_key) in the skill directory. Asking for and persisting a plaintext secret via chat is disproportionate given safer alternatives (secure secret input, environment variables, or encrypted storage).
Persistence & Privilege
The script persists the API Key permanently to a local hidden file in the skill folder and will delete it if the key is rejected. It does not request 'always: true' nor modify other skills, but permanent local storage of secrets is a persistence behavior users should be aware of.
What to consider before installing
This skill appears to perform Aliyun image generation as described, but it instructs the agent to ask users to paste their Aliyun API Key into the chat and the bundled script saves that key in plaintext to a local file (.aliyun_key). Before installing or using it, consider: 1) Do not paste production or high-privilege API keys into chat — create a scoped/test key for this purpose that you can revoke. 2) Review the script code (already included) and be aware it will auto-install Python packages via pip at runtime. 3) If you must use it, run the skill in a sandboxed environment or a throwaway account, set restrictive file permissions on the saved key, and consider manually placing the key in a secure location (or editing the script to read from a safe secret store) instead of sending it through chat. 4) If you are uncomfortable with plaintext storage or chat-based secret input, do not install the skill or modify it to use an environment variable or encrypted storage for the API key.

Like a lobster shell, security has layers — review code before you run it.

latestvk9735b9fx6d88jm2q4ddy2xb1n83zkd7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎓 Clawdis

Comments