Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Acquaintance Recognition & Analysis Skill | 熟人识别分析技能
v1.0.0
Identifies acquaintances in videos or images through face photo comparison. Supports database enrollment, and the recognition results tell you who is at whic...
by smyx-skills@18072937735
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The code implements face-analysis and familiar-person recognition flows (API calls, file upload, listing reports) which aligns with the skill description. However the package reuses a larger 'face_analysis' / 'smyx_common' library (including TCM face-diagnosis code and many unrelated utilities), suggesting code reuse across multiple domains rather than a narrowly scoped 'familiar-person' implementation. Presence of broad requirements files (skills/smyx_common/requirements.txt and face_analysis/requirements.txt) is disproportionate to the simple description that lists only 'requests'.
Instruction Scope
SKILL.md strongly forbids reading local memory files and mandates all historical-report queries go to a cloud API. The code does call remote APIs for analysis and listing results, but it also includes local persistence (SQLite DAO) and logic that can create config files. The SKILL.md claims attachments will be saved to attachments/ (auto-save) and that local memory must not be used — the code does not clearly enforce those runtime agent-level prohibitions and will write local DB files under a workspace 'data' path. The agent could therefore end up storing or reading data locally despite the written prohibitions.
Install Mechanism
There is no install spec (instruction-only from a platform perspective), so nothing is automatically downloaded or executed at install time. However the repository contains large requirements files (smyx_common and face_analysis) that, if installed, would pull many unrelated packages; that is disproportionate to the described single-dependency (requests).
Credentials
The skill declares no required env vars, and its main authentication flows use an 'open-id' and optional API key read from local config or passed as arguments. The code will read environment variables such as OPENCLAW_WORKSPACE, OPENCLAW_SENDER_OPEN_ID, and FEISHU_OPEN_ID if present. There are no demands for unrelated cloud/provider credentials (AWS, GCP, etc.), but the skill will by default send media to external service URLs configured in skills/smyx_common/scripts/config.yaml (e.g. open.lifeemergence.com), so consider privacy implications of uploading images/videos.
Persistence & Privilege
always:false (no forced presence). The code will create or use local config files and a local SQLite DB under a workspace/data path (Dao.get_db_path) and may create config files if missing (YamlUtil.load writes defaults). This is typical for local tooling but means the skill persists data and may write files into the workspace; it does not appear to modify other skills' configs or request system-wide elevated privileges.
What to consider before installing
This skill does what it says (upload images/videos to a remote API and produce recognition reports), but review these before enabling it with real data:
1) Privacy: by default the skill will send media to external endpoints configured in skills/smyx_common/scripts/config.yaml (domains like open.lifeemergence.com). Do not upload sensitive images unless you trust that service and have consent.
2) Local persistence: the code will create local config files and an SQLite DB under the workspace/data path and may save attachments. Inspect or sandbox the workspace before running.
3) Dependencies: although SKILL.md only lists requests, the repo includes large requirements lists; installing them would pull many packages.
4) Open-id / API keys: the skill expects an open-id and may read it from config or environment; check where you store these.
5) If you need stronger guarantees that the agent will not read local memories or other skills' data, do not enable autonomous invocation and test the skill in an isolated environment first.
If you want to proceed, review the config.yaml files and change the API endpoints to a trusted service or run the server locally.
skills/smyx_common/scripts/config-dev.yaml:2
Install source points to URL shortener or raw IP.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.
