Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Smart Model Switcher V5
v5.1.0智能模型自动切换 V5.0.2 - 多模态感知,自动识别图片/视频/音频/代码/文本任务,切换到最适合的模型。支持图片理解(qwen3-vl-plus)、视频音频(qwen3.5-plus)、代码(glm-5)、Office文档(MiniMax-M2.5)、推理等场景。零感知切换,无需手动操作。
⭐ 0· 81·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description, README, SKILL.md and the included scripts/auto-switch.js are coherent: they implement multimodal detection and call a local OpenClaw session API to set the model. No unrelated cloud credentials or unrelated binaries are requested by the skill itself.
Instruction Scope
SKILL.md and the script limit actions to message analysis and POSTing to a local endpoint (/api/session/model on localhost:3737). The README references configuring provider API keys (in ~/.openclaw/openclaw.json or env vars) which is relevant to using model providers but the skill does not itself request or read secrets. However, SKILL.md contains detected unicode control characters (prompt-injection pattern), and the script intentionally treats local API failures as successful (resolving with a success object), which could mask operational failures or be abused to hide behavior—recommend manual inspection.
Install Mechanism
No install spec (instruction-only) and a single Node.js script included. No downloads from external URLs or extract operations. Risk is limited to the included script running on the host if executed. The script uses only built-in http/https modules and posts to localhost, which is expected for a model-switcher.
Credentials
The skill declares no required environment variables or credentials. README examples show where users typically store provider API keys; that is reasonable context but not a demand by the skill. No unrelated external credentials are requested by the skill files.
Persistence & Privilege
Flags are default (always: false, user-invocable: true, disable-model-invocation: false). The skill does not request permanent inclusion or system-wide configuration changes. It uses a local session API to perform model switches, which is expected for this purpose.
Scan Findings in Context
[unicode-control-chars] unexpected: Invisible/unusual unicode control characters were detected in SKILL.md. These are not necessary for a model-switching README or runtime instructions and can be used to attempt prompt injection or to confuse parsers; inspect the file for hidden characters and sanitize before use.
What to consider before installing
This skill appears to implement exactly what it claims (detect message type and call the local OpenClaw session API to switch models). However: 1) SKILL.md contains invisible unicode control characters—remove or inspect hidden characters to ensure there is no prompt-injection payload. 2) Review scripts/auto-switch.js before running: it sends POSTs to http://localhost:3737/api/session/model (expected) but treats network errors as a successful switch—this may mask failures or mislead about actual model changes. 3) The skill does not request provider API keys, but you must ensure your OpenClaw/gateway and provider API keys are configured securely elsewhere; do not paste secrets into the skill files. 4) If you plan to enable autonomous invocation, consider first running the script manually in a sandboxed environment and monitor the gateway logs to confirm only expected local calls occur. If you are not comfortable with hidden characters or the silent-fail behavior, do not install until these issues are resolved.Like a lobster shell, security has layers — review code before you run it.
bailianvk978yvys0vc2atjeyv5bh3zfe183gt3dcoding-planvk978yvys0vc2atjeyv5bh3zfe183gt3dglm-5vk978yvys0vc2atjeyv5bh3zfe183gt3dlatestvk971k84h3zgx1zxyhmyh9zxwgn83jskhmodel-switchingvk978yvys0vc2atjeyv5bh3zfe183gt3dqwenvk978yvys0vc2atjeyv5bh3zfe183gt3d
License
MIT-0
Free to use, modify, and redistribute. No attribution required.