test-restaurant-inspection
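v1.0.0 Restaurant AI inspection automation. Automatically manages the intelligent agent (detect/create), captures device images, and runs AI analysis to automate food safety, hygiene, and compliance inspections.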
by @wsygcn
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign (high confidence)
Purpose & Capability
Name/description (餐厅巡检) match the declared env vars (EZVIZ_APP_KEY, EZVIZ_APP_SECRET, EZVIZ_DEVICE_SERIAL), the SKILL.md, and the included Python script which calls Ezviz APIs (open.ys7.com, aidialoggw.ys7.com). The primary credential (EZVIZ_APP_KEY) and required secret (appSecret) are appropriate for the described activities (token retrieval, device capture, agent management).
Instruction Scope
SKILL.md instructs only to provide Ezviz credentials and device serial(s) and to run the script; it documents the workflow (token → agent list/create → capture → analysis) and does not ask the agent to read unrelated system files or other credentials. Note: SKILL.md states tokens are kept in memory and not logged; the included script does not print the raw token. However SKILL.md contains detected unicode-control characters (prompt-injection signal) which should be inspected — this is likely an encoding artifact but worth checking.
Install Mechanism
No install spec; this is instruction-only with a single Python script. The only runtime dependency is 'requests' (pip), which is proportionate and documented. No remote downloads or archive extraction are used.
Credentials
Required env vars are limited to Ezviz credentials and device serial(s). The number and sensitivity of requested env vars (app key/secret, device serial) are expected for integration with Ezviz APIs. No unrelated secrets or broad cloud credentials are requested.
Persistence & Privilege
always is false and the skill does not request permanent presence. The skill will create/manage Ezviz intelligent agent objects via Ezviz APIs (expected behavior for the described automation) — this will change remote account state (agent creation) but does not modify other skills or local system-wide settings.
Scan Findings in Context
[unicode-control-chars] unexpected: SKILL.md contained unicode control characters which triggered a prompt-injection detection. This is not expected for a normal README/instructions; it may be an encoding artifact or an attempt at hidden payloads. The included Python script is readable and shows no obfuscation. Recommend reviewing the SKILL.md raw bytes for hidden characters before trusting.
Assessment
This skill appears coherent with its stated purpose (Ezviz-based restaurant inspection). Before installing:
1) Use a least-privilege Ezviz appKey/appSecret (not high-privilege or owner credentials) and preferably a test account;
2) Review the SKILL.md raw text for the flagged unicode control characters to ensure no hidden instructions;
3) Inspect the full script (already included) and confirm network endpoints (open.ys7.com and aidialoggw.ys7.com) are expected;
4) Be aware the skill will query your agent list and may create an intelligent agent in your Ezviz account (this modifies remote state and may consume quotas);
5) Run initially in an isolated environment or with dummy devices to verify behavior;
6) Rotate credentials after testing and avoid storing tokens on disk.
If you need higher assurance, ask the publisher for a canonical source/homepage and signed releases.
Like a lobster shell, security has layers — review code before you run it.
latestvk976zrvvtpezfeekk7wkdh2x1h832840
Runtime requirements
🍽️ Clawdis
Env: EZVIZ_APP_KEY, EZVIZ_APP_SECRET, EZVIZ_DEVICE_SERIAL
Primary env: EZVIZ_APP_KEY
