ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Xpcomment2

v1.0.0

JPEG/이미지 파일의 XPComment(Windows 사진 코멘트) 메타데이터를 exiftool로 읽고, 추가하고, 제거하는 skill. 사용자가 "xpcomment add", "xpcomment remove", "xpcomment read", "코멘트 추가", "사진에 태그",...

0· 49·0 current·0 all-time
by@happyturbo

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for happyturbo/xpcomment2.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Xpcomment2" (happyturbo/xpcomment2) from ClawHub.
Skill page: https://clawhub.ai/happyturbo/xpcomment2
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install xpcomment2

ClawHub CLI

Package manager switcher

npx clawhub@latest install xpcomment2
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The SKILL.md describes only exiftool operations on image XPComment metadata which matches the skill name and description. However the compatibility metadata lists 'tmux' as a required tool even though the instructions never use tmux; that requirement is unrelated to the stated purpose and appears incoherent.
Instruction Scope
Instructions translate user intents to straightforward exiftool commands (read/add/remove). They do not request unrelated environment variables or remote endpoints. Two operational choices deserve attention: use of -overwrite_original (suppresses backups and is destructive) and examples for recursive/bulk operations which can modify many files at once — both are within the skill's stated scope but increase risk if used carelessly.
Install Mechanism
This is an instruction-only skill with no install spec or code files, so nothing is downloaded or written to disk by the skill itself. It only recommends installing exiftool via package manager when missing.
Credentials
No environment variables, credentials, or config paths are requested. The declared dependency on exiftool is appropriate to the task.
Persistence & Privilege
always is false and the skill does not request elevated or persistent platform privileges or modify other skills' configs. Agent autonomous invocation is allowed (default) but not combined with any broad credential access.
What to consider before installing
This skill appears to do what it says (read/add/remove XPComment using exiftool) but check these points before installing or using it: - The manifest oddly lists 'tmux' as a required tool even though the instructions never use it. Ask the author why tmux is required or remove that requirement. - The recommended commands include -overwrite_original which prevents creation of backup files; that makes changes non-recoverable by exiftool backups. Prefer removing that flag or ensure you have backups before running changes. - Recursive and wildcard examples will modify many files. Test on copies or a small sample first to avoid accidental mass changes. - The SKILL.md suggests installing exiftool via sudo apt; that is normal but requires root and will vary by OS. Ensure you use the correct installer for your environment. If the publisher/source is unknown (as here), exercise caution: run commands on test files first, and request clarification from the skill author about the tmux requirement and the reason for forcing -overwrite_original. If you need higher assurance, ask for a signed source or a trustworthy homepage/owner identity.

Like a lobster shell, security has layers — review code before you run it.

latestvk97d7hbnp49cg7x1wcdrjwfnbd85gc4c
49downloads
0stars
1versions
Updated 3d ago
v1.0.0
MIT-0
@happyturbo
latest
Download

XPComment Skill

이미지 파일의 XPComment 메타데이터를 exiftool로 관리한다. XPComment는 Windows 탐색기 → 속성 → 자세히 탭의 "설명(Comments)" 필드에 표시되는 값이다.

명령어 패턴

사용자는 아래와 같은 자연어 또는 단축 명령어로 요청한다:

사용자 입력 예시동작
xpcomment add "텍스트" 파일.jpg코멘트 추가/덮어쓰기
xpcomment remove 파일.jpg코멘트 삭제
xpcomment read 파일.jpg현재 코멘트 읽기
코멘트 추가해줘 "텍스트" 파일.jpg동일하게 add로 처리
파일.jpg 코멘트 지워줘동일하게 remove로 처리

exiftool 명령어 변환 규칙

ADD (추가 / 덮어쓰기)

exiftool -XPComment="코멘트 텍스트" -overwrite_original "파일경로"
  • -overwrite_original 을 반드시 붙인다 (백업 파일 _original 생성 방지)
  • 한국어/유니코드 텍스트도 그대로 사용 가능
  • 기존 코멘트가 있으면 덮어씀

REMOVE (삭제)

exiftool -XPComment= -overwrite_original "파일경로"
  • 값을 빈칸으로 두면 필드가 삭제됨

READ (읽기)

exiftool -XPComment "파일경로"

여러 파일 일괄 처리

# 특정 폴더 전체
exiftool -XPComment="텍스트" -overwrite_original /폴더경로/*.jpg

# 재귀적으로 하위 폴더까지
exiftool -XPComment="텍스트" -overwrite_original -r /폴더경로/

주의사항

  1. 파일 경로에 공백이 있으면 반드시 따옴표로 감싼다
  2. exiftool 미설치 시 먼저 설치: sudo apt install libimage-exiftool-perl
  3. 작업 후 확인은 read 명령으로

응답 형식

작업 완료 후:

완료: photo.jpg
XPComment: "아리가 토끼 귀리"

실행한 명령어:
exiftool -XPComment="아리가 토끼 귀리" -overwrite_original "photo.jpg"

Comments

Loading comments...