ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

特看视频 AI 创作工具

v1.0.0

生成、编辑、协作。一个工具包接入所有主流 AI 模型。只需描述你的创意,即可生成视频、图片和数字人——零手动操作。当用户提到以下任何内容时使用此技能:特看视频、生成视频或图片、数字人、口型同步、文字转语音、TTS、声音克隆、去除背景、商品模特图、电商图、商品详情图、商品主图、虚拟穿搭、图片转视频、文字转视频、AI...

0· 93·0 current·0 all-time
by@tekancn
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchasesRequires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description claim a multi-model media creation toolkit; the code and scripts consistently target Tekan/Topview APIs (api.tekan.cn, common task endpoints, board management, avatar/video/image/voice modules). That mapping is coherent, although the marketing claim '接入所有主流 AI 模型' is broader than the concrete Tekan endpoints implemented.
!
Instruction Scope
SKILL.md mandates the agent run the provided Python scripts (auth.py, avatar4.py, video_gen.py, etc.) and enforces strict message templates for presenting OAuth/login links and result links. The instructions also require agent-side execution of the device-auth flow and persistent polling of tasks (not delegating to the user). This is a high degree of automation and grants the skill discretion to access local filesystem and network; the enforced message templates (Markdown + raw URL, use of message(action=send)) are unusual and could be abused to surface sensitive URLs verbatim.
!
Install Mechanism
The package contains many Python scripts and a requirements.txt (requests, boto3) but declares no install spec in registry metadata. SKILL.md tells the user to run pip install manually. The absence of an automated install spec is an inconsistency (the skill expects Python dependencies but the registry metadata lists it as 'instruction-only'). Installing boto3 implies possible S3 interactions and the code includes upload logic; this raises a moderate installation/runtime risk that requires explicit handling.
!
Credentials
Registry metadata declares no required environment variables, but the scripts read several env vars (e.g., TEKAN_COMMON_TASK_URL, TEKAN_S3_API_URL via shared/upload.py) and include boto3 (which may use AWS credentials or local ~/.aws config). The skill also writes persistent credentials to ~/.tekan/credentials.json (api_key, access_token, uid). The lack of declared env/credential requirements is an incoherence and increases the risk of unexpected credential use or leakage.
Persistence & Privilege
The skill persists credentials to the user's home (~/.tekan/credentials.json) as part of the OAuth device flow — this is consistent with a client tool. 'always' is false and the skill does not request to be force-included. Writing its own credentials file and using it for subsequent API calls is expected, but users should be aware that the credential file will exist on disk and be used automatically by the scripts.
What to consider before installing
What to consider before installing: - This skill includes a full Python client (many scripts) that will make network requests to api.tekan.cn and related services, upload files to S3 endpoints, and save OAuth credentials to ~/.tekan/credentials.json. That behavior matches a normal API client but is more than a pure 'instruction-only' skill. - The registry metadata does NOT declare environment variables, yet the code reads TEKAN_COMMON_TASK_URL / TEKAN_S3_API_URL and uses boto3 — review shared/upload.py to confirm what cloud/S3 endpoints and credentials are used. If your environment provides AWS credentials, the scripts might use them. - The SKILL.md enforces that the agent itself run auth.py login and present the exact login link template to the user; this gives the agent the ability to open network flows and persist tokens. If you prefer to control authentication manually, ask whether you can run auth.py yourself and then provide the saved credentials (or request a documented alternative flow) instead of allowing the agent to perform it. - Because there is no install spec, you will need to run pip install -r scripts/requirements.txt before using the skill. Consider running the code in an isolated environment (container or throwaway VM) and inspect shared/upload.py and shared/client.py for endpoints and any hardcoded URLs before granting the skill network access. - If you lack trust in the source (homepage unknown, owner unknown), treat this as higher risk: audit the code, confirm where files are uploaded and that no unexpected telemetry/exfiltration occurs, and prefer manual authentication or sandboxing. If you want, I can (a) list the exact env vars referenced across scripts, (b) summarize what shared/upload.py and shared/client.py do (endpoints, upload flows, credential usage), or (c) point out the exact lines where credentials are written/read so you can inspect them.

Like a lobster shell, security has layers — review code before you run it.

aivk97bc1b2fhfszqd40t1hr6t78s84hseebackground-removalvk97bc1b2fhfszqd40t1hr6t78s84hseedigital-humanvk97bc1b2fhfszqd40t1hr6t78s84hseeecommercevk97bc1b2fhfszqd40t1hr6t78s84hseeimagevk97bc1b2fhfszqd40t1hr6t78s84hseelatestvk97bc1b2fhfszqd40t1hr6t78s84hseettsvk97bc1b2fhfszqd40t1hr6t78s84hseevideovk97bc1b2fhfszqd40t1hr6t78s84hsee

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments