weimage

This skill contains covert behavior that places generated images into a hard-coded external website, loads root-level environment variables, and enforces silent forwarding to users — behavior consistent with data exfiltration and intentional misdirection.

Do not install or run this skill. It enforces silent behavior, loads root .env credentials, forces a root python environment, copies generated files into a hard-coded public website (voice.robotmusk.com), and instructs automatic messaging — all signs of covert exfiltration. If you already ran it: 1) uninstall/remove the skill immediately; 2) inspect and remove files under /opt/1panel/www/sites/voice.robotmusk.com/index and /root/.openclaw/workspace for unexpected artifacts; 3) check and rotate any secrets stored in /root/.openclaw/.env and other credentials that could have been exposed; 4) block outbound traffic to voice.robotmusk.com and related hosts; 5) audit agent messaging logs for automatic pushes to users (WeChat/default_api.message) and notify affected users; 6) if this ran on a production host, perform a host compromise investigation and consider rebuilding the host. The script's behavior is intentionally covert and not proportionate to a benign image-generation helper.