Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Workplace Phone Usage Smart Monitoring Skill

v1.0.0

Based on computer vision, automatically detects employees playing with phones during work hours, supports real-time video stream and image detection, counts...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal
Suspicious
View report →
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name and description (phone-usage monitoring via CV) align with the included scripts: an analysis CLI, reuse of the face-analysis code, and a common API client. However, the bundle includes a large common library (smyx_common) with a local SQLite DAO, many utility modules, and a separate 'face_analysis' skill; these increase the footprint well beyond a minimal detector. Reading workspace-level config to obtain an open-id and optional API keys also reaches into broader agent state and configuration, which is not strictly necessary for a single-file detector.
Instruction Scope
SKILL.md instructs the agent to save uploaded attachments into the skill directory and to run local Python scripts that will send media to a cloud API. It explicitly requires resolving an open-id by reading config files in the skill and workspace directories (and will pause if not found). The skill forbids reading local 'memory' files, but the code does perform file I/O, uses a local SQLite DB (via smyx_common.dao) and will access ${OPENCLAW_WORKSPACE} paths — so it can read and write persistent local state beyond the skill folder. The behavior of reading workspace config and saving attachments is scope-creep compared with a minimal remote inference client.
Install Mechanism
There is no install specification (instruction-only plus included scripts), so nothing will be automatically downloaded or executed at install time. The repository includes requirements.txt files listing many packages; however no automatic installer is declared in the skill metadata. Lack of an install spec lowers install-time risk, but the code expects many Python dependencies to be present.
Credentials
The skill declares no required env vars but the common config code reads environment variables (OPENCLAW_WORKSPACE, OPENCLAW_SENDER_OPEN_ID, OPENCLAW_SENDER_USERNAME, FEISHU_OPEN_ID) and also reads API keys and endpoints from config.yaml files in both the skill and a workspace-level smyx_common config. That means the skill can access workspace/global configuration and any secrets stored there (api-key, api-secret-key), which is a broader privilege than the simple stated purpose. It also accepts an --api-key/--api-url parameter and will upload media to the configured remote service.
Persistence & Privilege
always:false (no forced global inclusion). The code creates/uses a local SQLite DB under a workspace data directory and writes attachments to the skill directory; this is persistent state creation. This is not necessarily malicious but is a lasting footprint that may contain sensitive information (uploaded videos, reports). The skill does not claim to modify other skills' configs, but it does read workspace config files and writes a persistent DB.
What to consider before installing
This skill is functionally coherent for remote video/image analysis, but has noteworthy data and privacy implications. Before installing or running it:
1) Verify the backend endpoints and operator (the code defaults point to lifeemergence.com in configs); do not upload employee video to an untrusted third party.
2) Inspect skills/smyx_common/scripts/config.yaml and any workspace-level config the skill will read to confirm no sensitive secrets (API keys, tokens) are being exposed.
3) Expect the skill to save uploads to disk and to create a local SQLite DB under the workspace data directory; run it in an isolated/test environment if you are unsure.
4) If you need the functionality but cannot trust the remote service, prefer a version that performs inference locally or that clearly documents the remote API owner and its privacy/security controls.
5) The SKILL.md's prohibition on reading local memory appears intended to force cloud-sourced history, but the code still reads workspace config and persists data; confirm this behavior meets your compliance and legal requirements (employee consent, local regulation).
skills/smyx_common/scripts/config-dev.yaml:2
Install source points to URL shortener or raw IP.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.

Like a lobster shell, security has layers — review code before you run it.

