Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Byted Las Image Resample
v1.0.0

Image resampling operator for downsampling images. Use this skill when user needs to: - Resize/downsample images to target size - Change image DPI settings -...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw
Verdict: Suspicious (high confidence)

Purpose & Capability
The skill's claimed purpose (downsample images, change DPI, convert formats, support URL/TOS/base64/binary input) matches the presence of a client that calls an external operator API. However, the registry metadata lists no required environment variables while both SKILL.md and scripts/skill.py require an API key (LAS_API_KEY) for authentication. Also, SKILL.md and the references mention base64/binary inputs, but the code's _detect_image_src_type only accepts tos:// and http(s):// — a mismatch between the claimed supported input types and the actual implementation.
Instruction Scope
The SKILL.md instructs running scripts/skill.py which performs a JSON POST to the operator endpoint and may read LAS_API_KEY from environment or an env.sh file in the current directory. The runtime behavior is limited to building a payload, doing DNS lookups, blocking private IPs, network POST to operator.las.* host, and writing simple JSON output. It does not scan arbitrary filesystem paths beyond env.sh and does not exfiltrate unrelated environment variables, but the script will perform outbound network calls and can write files to the working directory. The discrepancy in accepted input types (doc vs code) is notable.
Install Mechanism
No install specification; this is instruction-plus-script (no remote installers or downloads). The agent would run an included Python script (scripts/skill.py) using local Python and requests. This lowers install risk compared to arbitrary remote downloads.
Credentials
The skill requires an API credential (LAS_API_KEY) as shown in SKILL.md and enforced by the script (get_api_key), and optionally uses LAS_API_BASE / LAS_REGION; yet the registry metadata declares no required env vars. That omission is a significant inconsistency: the API key is necessary for the skill to operate and is a privileged secret, so it should be declared and the user should understand what service will receive it.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or persistent platform privileges. It does not modify other skills or system-wide configs. It can run autonomously (disable-model-invocation=false) which is normal for skills, but this combined with the network/API key requirement increases the importance of trusting the remote operator.
Scan Findings in Context
[pre-scan-injection-none] expected: No regex/static scan findings were reported. That is consistent with a small Python client that makes network requests; absence of findings is not evidence of safety. The script contains outbound HTTP requests and environment access which static regex checks may not flag.
What to consider before installing
This skill contacts a remote operator (operator.las.cn-*.volces.com) to perform image downsampling and requires an API key (LAS_API_KEY) despite the registry not declaring it. Before installing:

1) Confirm you trust the operator domain and the publisher; the skill will send image URLs and parameters to that service.
2) Do not provide highly privileged or reusable secrets—create a least-privilege API key if possible.
3) Note the script reads env.sh in the current directory; inspect any env.sh before use.
4) The documentation claims base64/binary inputs but the code appears to accept only tos:// and http(s):// — ask the publisher for clarification or test with a dry-run.
5) If you must run it, consider running in an isolated environment (no access to sensitive network resources) and inspect network traffic to verify endpoints and payloads.
