高风险行为识别分析工具
WarnAudited by ClawScan on May 12, 2026.
Overview
The skill mostly matches its video/image risk-analysis purpose, but it needs review because report history can be queried without a clear user filter while handling sensitive health video data.
Before installing, confirm the active API endpoint, avoid using the history-list feature until open-id scoping is fixed, and only submit videos/images or live streams that you have permission to share. Do not enable alert/webhook behavior or provide phone-number identifiers unless you understand where reports and notifications will be stored or sent.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A request to list one user's health/risk analysis history could return broader report records if the backend does not enforce its own authorization.
The report-listing method explicitly says that a missing open_id means no filter is added, which can exceed the stated per-user history-report scope.
# open_id 检查 - 如果 open_id 为空/None,不添加过滤条件,返回所有报告
data = {}
if open_id:
data["createBy"] = open_idRemove the unfiltered fallback, always pass and enforce the user open-id, and require server-side authorization for report history access.
Users may provide or reuse sensitive identity-like information for report storage and lookup.
The skill may read a local config field named api-key or ask for a username/phone number to use as an open-id for saving/querying reports.
如果文件存在且配置了 api-key 字段,则读取 api-key 作为 open-id ... 必须暂停执行,明确提示用户提供用户名或手机号作为 open-id
Use a dedicated, non-secret user identifier where possible and document whether api-key here is truly a credential or only a user identifier.
If a dev/test configuration is accidentally used, reports could be associated with or queried under the wrong identifier.
A development config includes a hardcoded default open-id that appears phone-number-like; the artifacts do not prove this config is active, but it is identity material bundled with the skill.
ConstantEnum: is-debug: true default--open-id: "18072937735"
Remove hardcoded personal identifiers from packaged configs and require users to supply their own open-id explicitly.
Private video, images, or camera-derived frames of people may leave the local environment for analysis.
Local media is read and uploaded to the analysis service; this is expected for video/image health analysis but involves sensitive images or video.
with open(input_path, 'rb') as f:
file_content = f.read()
...
files = {
'file': (os.path.basename(input_path), file_content, mime_type)
}
response = self.analysis(
params=params,
files=files
)Only submit media you are authorized to share, verify the provider endpoint and retention policy, and avoid using live streams without consent.
If this configuration is activated, sensitive analysis traffic could be routed to an unexpected local-network service.
A bundled development configuration points to a private IP over plain HTTP; this is not shown to be selected by default, but it is unusual for a public skill package.
base-url-open-api: "http://192.168.1.234:9601/smyx-open-api"
Verify the active config before use, prefer HTTPS production endpoints, and remove private development endpoints from distributed packages.