Generate Qrcode
PassAudited by ClawScan on May 1, 2026.
Overview
This appears to be a straightforward local QR-code generator, with only minor considerations around running Python, the QR library dependency, and choosing a safe output file path.
This skill looks safe for its stated purpose. Before installing, be comfortable with running a local Python script, use a trusted qrcode library installation if needed, and choose QR output paths that will not overwrite important files.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
When used, the agent may run the bundled Python script on your machine to create a QR code.
The skill directs the agent to run a local Python script. This is disclosed and central to generating QR codes, but it is still local code execution users should recognize.
python3 ~/.openclaw/skills/generate-qrcode/agent.py "<URL or text>" <output_path>
Use it for QR-code generation tasks only and keep the bundled script limited to the reviewed behavior.
If the library is not already installed, you may need to install a Python package from an external package source.
The script depends on the external qrcode package and suggests a manual pip install if it is missing. There is no automatic install or hidden download, but the dependency version is not pinned in the artifacts.
import qrcode ... print("Install with: pip install qrcode[pil]", file=sys.stderr)Install dependencies from trusted package sources and consider pinning a known-good qrcode version in managed environments.
A QR image file will be created or overwritten at the requested path.
The script writes to the output path provided by the caller and creates the output directory if needed. This is expected for a QR generator but means the chosen path controls where a file is written.
os.makedirs(output_dir, exist_ok=True) ... img.save(output_file)
Specify an output path in a normal user-writable location and avoid sensitive or system paths.