Qwen Code
Pass
Audited by VirusTotal on May 11, 2026.
Findings (1)
The skill is a wrapper for the powerful 'qwen' AI coding CLI, which inherently carries high-risk capabilities such as generating, executing, and modifying code, and potentially reading sensitive files (as SKILL.md explicitly warns regarding `~/clawd/`). The script `scripts/qwen-code.js` uses `child_process.spawn` to execute `qwen` commands with user-controlled prompts, which could facilitate prompt injection against the `qwen` CLI itself, leading to arbitrary code execution or unauthorized data access. The skill's documentation attempts to mitigate these risks by warning about 'YOLO' (auto-approve) mode and sensitive directories, but the underlying capabilities remain significant vulnerabilities; there is no clear malicious intent from the skill's author.
