Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ai Image Cli

v1.0.0

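AI image generation tool. Supports text-to-image (text2img) and image-to-image (img2img), based on the AIGW API. Activation scenarios: generating pictures, drawing, creating images, modifying pictures, image editing, or when "generate a picture", "draw a", "create an image", "modify this picture", "change to", or "convert to image" is mentioned.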

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The SKILL.md describes an image-generation CLI that requires an AIGW API key (LANGBASE_TOKEN or ARK_API_KEY), and the shipped docs/scripts clearly depend on those tokens — yet the skill registry metadata declares no required environment variables or config paths. That mismatch (claimed no secrets required vs. instructions expecting service tokens and a user.env file) is a substantive incoherence.
! Instruction Scope
Runtime instructions and helper scripts instruct the agent to source ~/.openclaw/user.env and /home/appops/.openclaw/user.env to obtain LANGBASE_TOKEN/ARK_API_KEY, run preflight/install scripts, and call the CLI. Those instructions cause the agent to read local config files and environment variables not described in the manifest; they also recommend running pip to install a package from a private index. The SKILL.md explicitly tells the user/agent to load and rely on local user.env files — this expands scope beyond a pure, self-contained instruction-only skill.
! Install Mechanism
No install spec was registered, but scripts/install.sh will pip-install the package, defaulting to a private PyPI host (music-pypi.hz.netease.com). The script contains a DEFAULT_PYPI_INDEX value embedding basic-auth credentials (http://avlab:avlab123@music-pypi.hz.netease.com/simple). Pulling code from an internal/non-standard index (and with hard-coded credentials) is higher risk and unexpected for a publicly listed skill.
! Credentials
The code and documentation require LANGBASE_TOKEN or ARK_API_KEY and instruct sourcing user.env files to obtain them, but the registry declares no required env vars or config paths. The install script also reads and uses PIP_INDEX_URL / PIP_TRUSTED_HOST (and falls back to an index with embedded credentials). Requesting access to local user.env files and expecting service tokens without declaring them is disproportionate and opaque.
Persistence & Privilege
The skill does not request always: true and does not claim elevated platform privileges. However, its install script will persist system/user-level Python packages (pip install --user or global), which alters the environment and leaves installed code on disk. This is not automatically malicious but is a notable persistent effect the user should accept explicitly.
What to consider before installing
This skill looks like a wrapper for a private AIGW-backed image CLI but is inconsistent with its registry metadata. Before installing or running it:
(1) don't run the install.sh or preflight.sh blindly — they will source ~/.openclaw/user.env and may install code from a private PyPI (the script even includes baked-in credentials);
(2) ask the publisher for a declared list of required env vars and config paths (LANGBASE_TOKEN / ARK_API_KEY and the exact user.env format) and for an explanation of the private PyPI usage;
(3) inspect the ai-image-cli package source you would install (or prefer to install from a trusted public repository) and verify the package maintainer;
(4) if you must test, run preflight/install in an isolated environment (container or VM) with no sensitive credentials mounted;
(5) if any credentials (e.g., avlab:avlab123) in the scripts are real for your environment, consider them compromised and rotate them.
If the publisher can provide a manifest that declares the required env vars and justifies the private-index install, the concerns here would be reduced.

Runtime requirements

🎨 Clawdis
