Ai Intelligent Access Control
v1.0.3门禁管理,人脸/刷卡 + 权限。
⭐ 0· 168·1 current·1 all-time
MIT-0
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill claims a hardware- and privacy-sensitive capability (face recognition, card readers, alarms) but the metadata declares no required binaries, no credentials, and no config paths. The SKILL.md lists a Python/FastAPI tech stack and installation steps that would install and run a full application; that level of capability is not reflected in the declared requirements, which is disproportionate and incoherent.
Instruction Scope
SKILL.md is essentially a README with explicit shell instructions to git clone a repository and run python app.py. Those instructions will cause arbitrary third-party code to be written to disk and executed if followed, but there are no runtime constraints, no guidance about required credentials or device permissions, and no explanation of what the code does at runtime. The instructions therefore broaden the agent's scope to fetch and run external code outside the registry's control.
Install Mechanism
There is no formal install spec in the registry, but the SKILL.md instructs users to clone https://github.com/openclaw-skills/ai-intelligent-access-control and pip-install requirements. Downloading and running a remote repo is a high-risk install path because the repo contents are not embedded in the skill bundle and can contain arbitrary code. The GitHub URL is more trustworthy than an unknown IP/shortener, but the registry metadata lists the source as 'unknown' which is inconsistent.
Credentials
A system that integrates cameras, card readers, and alarm notifications would normally require device access, network endpoints, and likely API keys or system permissions; yet the skill declares no required environment variables, credentials, or config paths. The absence of any declared secrets or permissions is disproportionate to the claimed functionality and raises questions about where those requirements would be satisfied.
Persistence & Privilege
The skill does not request always:true and does not declare persistence or modification of other skills' configs. Autonomous invocation is allowed (the platform default) but not by itself a red flag here. The main privilege concern is the instruction to fetch and run external code, not persistent registry permissions.
What to consider before installing
Do not blindly git-clone and run the repository referenced in SKILL.md. Before installing or running this skill you should: (1) ask the publisher for the canonical source URL and verify the repository owner and commit history; (2) request a packaged install spec or vetted release (not just a README with git clone); (3) review the repo source code (especially any code that accesses cameras, networks, or system files) or have it audited; (4) run it in an isolated environment (VM/container) with least privilege if you must test; and (5) confirm what credentials, device permissions, and network endpoints the system requires and why. The current skill metadata and instructions are inconsistent and don’t provide enough assurance to install on production systems.Like a lobster shell, security has layers — review code before you run it.
latest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🤖 Clawdis
SKILL.md
AI 智能门禁系统
描述
门禁管理,人脸/刷卡 + 权限。
功能
- 人脸识别(刷脸通行)
- 刷卡管理(IC卡/身份证)
- 权限管理(分级授权)
- 通行记录(完整记录)
- 异常报警(陌生人告警)
定价
- 基础版:¥99/月(10 门禁)
- 专业版:¥499/月(50 门禁)
- 企业版:¥1999/月(无限门禁)
适用场景
- 企业门禁
- 小区门禁
- 园区门禁
- 实验室门禁
技术栈
- Python + FastAPI
- 人脸识别
- 门禁硬件
- 权限管理
安装
git clone https://github.com/openclaw-skills/ai-intelligent-access-control
cd ai-intelligent-access-control
pip install -r requirements.txt
python app.py
创建:2026-03-13 作者:OpenClaw Skills Team
Files
1 totalSelect a file
Select a file to preview.
Comments
Loading comments…