Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Z-image Local image generation with OpenVINO (no API key)
v1.0.3
generate an image, create a picture, draw something, make an image of, text to image, paint a picture, illustrate, visualize, local image generation, AI art,...
⭐ 0 · 159 · 0 current · 0 all-time
by @juan-oy
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims offline local image generation using OpenVINO and the included scripts (setup.py, download_model.py, check_env.py) implement that. The requested network access (GitHub for pip deps and modelscope.cn for a ~10 GB model) is proportional to the stated purpose. Minor incoherence: SKILL.md and the scripts are Windows-specific (drive letters, PowerShell, explorer) but the registry metadata has no OS restriction; that mismatch could cause confusion or failed runs on non-Windows hosts.
Instruction Scope
Runtime instructions direct the agent to run setup.py and download_model.py (which create a venv and install pinned dependencies from GitHub and modelscope). The agent is instructed to auto-run those scripts under certain error states (auto-recovery policy: up to 3 attempts) and to read state.json and environment proxy variables. The scripts also scan all drive letters to find or create installation directories. These behaviors go beyond simple 'read-only' checks and entail installing packages, writing files, and downloading large model artifacts — which are coherent with the skill's goal but are operationally significant and potentially surprising if performed autonomously.
Install Mechanism
There is no platform install spec in the registry (instruction-only), but included setup.py will create a venv and pip-install dependencies, including git+https installs from specific GitHub commits and packages from the PyTorch extra index and modelscope. Sources (github.com, modelscope.cn) are expected for this task. The downloads and installs are legitimate for local inference but are substantial (network usage and disk I/O, ~10 GB model plus packages).
Credentials
The skill declares no required environment variables or credentials. At runtime it reads USERNAME (to construct paths) and proxy variables (HTTPS_PROXY/HTTP_PROXY) to handle network configuration; this is reasonable for its setup and download steps. It does not request unrelated secrets or credentials.
Persistence & Privilege
always:false (good). However the SKILL.md explicitly tells the agent to auto-run setup.py and download_model.py in auto-recovery, including performing up to 3 unattended attempts and using system Python for certain steps. If the agent is allowed autonomous invocation, this enables the skill to perform network downloads, install packages into a venv, write state.json and files to disk, and open Explorer — all without an additional explicit user prompt. That autonomous-install behavior is operationally powerful and should be considered before enabling the skill.
What to consider before installing
What to consider before installing this skill:
- Functionality and platform: This skill is designed for Windows (PowerShell, drive-letter paths, explorer), but the registry metadata does not restrict OS. Only install/use on a Windows machine.
- Disk, bandwidth, and time: Setup + model download will fetch packages and a ~10 GB model and create a venv. Ensure you have free disk space and are comfortable with the network usage.
- Automatic actions: The SKILL.md instructs the agent to auto-run setup and download scripts (up to 3 attempts) when state is missing or packages are broken. If you allow the skill to run autonomously, it may install packages and download large files without asking each time — consider running setup.py and download_model.py manually yourself the first time.
- Sources and code review: The setup installs pinned git+https dependencies from GitHub and uses modelscope.snapshot_download to fetch the model from modelscope.cn. If you require stronger assurance, review the referenced GitHub commits and the model provider before proceeding.
- Permissions and scope: The scripts will write under {USERNAME}_openvino on whichever drive has most free space, scanning drives A:–Z: to locate prior installs. This is intended to find or create an installation folder but is broader filesystem access than a pure in-memory tool — be comfortable with the skill creating/modifying files in your drives.
- Recommended safe steps before enabling autonomously:
1) Inspect the code (setup.py, download_model.py, check_env.py) yourself or in a sandbox.
2) Run setup.py and download_model.py manually from a terminal to observe behavior and confirm network sources.
3) Ensure you have necessary Python/git and that installations occur in an environment you control (or a dedicated VM).
4) If you prefer, disable autonomous invocation for this skill or only allow user-invoked runs so you can approve installs/downloads.
Given these operational and minor metadata inconsistencies, the package is coherent with its stated purpose but has behaviors (automatic installs, drive scanning, Windows-only code) that warrant caution — especially if you enable autonomous execution.
Like a lobster shell, security has layers — review code before you run it.
latest vk976hh7ffzq32d7v04351fnxz984re1q
