Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

glm-understand-image

v1.0.4

Image understanding and analysis using the GLM vision MCP. Trigger conditions: (1) the user asks to analyze a picture, understand an image, or describe image content; (2) objects, text, or scenes in an image need to be identified; (3) GLM's visual-understanding capability is to be used.

by 要啥自行车 (@thincher)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious

OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to provide GLM-based image understanding and its runtime steps (using mcporter to run a GLM MCP server and calling analyze_image) align with that purpose. It requests a Zhipu/智谱 API key which is appropriate for using that service. However, the skill metadata declared no required config paths or env vars while the instructions explicitly read and write ~/.openclaw/config/glm.json and expect a Z_AI_API_KEY — this mismatch is a design inconsistency.
Instruction Scope
The SKILL.md tells the agent to read ~/.openclaw/config/glm.json and to store the API key there in plaintext; that file path is not declared in the registry metadata. It also instructs running npx to fetch and run @z_ai/mcp-server at runtime. Writing credentials to a plaintext file and running remotely-fetched code are scope-relevant but risk-bearing behaviors that should be explicitly declared and justified.
Install Mechanism
No install spec is included (instruction-only), but the instructions rely on npx -y to fetch and run @z_ai/mcp-server. Using npx means arbitrary package code from the npm registry will be executed at runtime; this is expected for an instruction-only skill that delegates to an MCP server but increases runtime risk compared with a pre-vetted binary or an official release URL.
Credentials
The skill needs a Zhipu API key (Z_AI_API_KEY) to function, which is proportionate. However, the registry lists no required env vars, while the SKILL.md both reads/writes ~/.openclaw/config/glm.json and sets Z_AI_API_KEY when configuring mcporter. Storing the API key as plaintext in ~/.openclaw/config/glm.json is insecure, and the declared requirements are inconsistent with what the instructions actually do.
Persistence & Privilege
The always flag is false and the skill is user-invocable only; it does not request elevated or persistent platform privileges. Autonomous invocation is allowed by default (disable-model-invocation is false), but that is the platform default and is not, by itself, an extra privilege concern here.
What to consider before installing
This skill appears to do what it says (configure an MCP server and call analyze_image), but exercise caution before installing: (1) npx -y @z_ai/mcp-server will fetch and execute code from npm at runtime — verify you trust that package and its publisher; (2) the SKILL.md reads/writes ~/.openclaw/config/glm.json and advises storing your Zhipu API key in plaintext there — consider storing credentials securely (e.g., a secrets manager) instead of an unprotected file; (3) the metadata did not declare the config path or env var usage — ask the author to declare required config/envs and to explain why HOME is set to the current directory when adding the MCP; (4) if you cannot verify the upstream package or the author, avoid running the npx commands and prefer an explicit, vetted installation path.

