Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
qwen-omni-multimodal
v0.2.0基于阿里云百炼 Qwen3.5-Omni 的全模态 skill。支持文本、图片、音频、视频理解,以及文本/语音输出。 当用户需要分析图片、转写或理解音频、理解视频、进行跨模态问答,或直接生成语音回复时,使用此 skill。
⭐ 0· 133·0 current·0 all-time
byWei Zhou@zhouweico
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description claim integration with Alibaba Qwen Omni; the skill requires node and an API key for a 'dashscope' endpoint and contains a script that builds requests to dashscope.aliyuncs.com — these requirements are coherent with the stated multimodal purpose.
Instruction Scope
Runtime instructions and the script read local media files (images/audio/video), convert to Base64, and POST them to the dashscope compatible API; the script also manages local session files under sessions/*.json. These behaviors are expected for a multimodal client, but they mean any files you point the skill at will be uploaded to the remote service and conversation history will be written locally. The SKILL.md also references optional env vars (DASHSCOPE_BASE_URL, DASHSCOPE_MODEL, DASHSCOPE_VOICE) which are used by the script but only DASHSCOPE_API_KEY is listed as required in metadata — this is a minor documentation mismatch (optional vars are not declared as required).
Install Mechanism
No install spec or external downloads; the skill is a Node.js script (package.json) requiring Node >=18 and no third-party install steps. This is low-risk from an installation/extraction standpoint.
Credentials
Only a single required credential (DASHSCOPE_API_KEY) is declared and used to authorize requests to Dashscope (Alibaba). No unrelated cloud credentials or broad secrets are requested. The script references a few optional DASHSCOPE_* env vars (base URL, model, voice) which are reasonable for configuration.
Persistence & Privilege
always:false and user-invocable; the skill writes session files to a local sessions/ directory (expected for multi-turn support) but does not request system-wide privileges or modify other skills. Session persistence and local file writes are normal but worth noting.
Assessment
This skill appears to be what it says: a Node.js client for Alibaba Dashscope / Qwen Omni. Before installing, consider: (1) it will upload any images/audio/video paths you pass to the remote Dashscope endpoint — don't point it at sensitive local files unless you trust the service and your API key scope; (2) it stores conversation history in sessions/*.json on disk — review and/or clear these files if needed; (3) test with --dry-run first (SKILL.md describes this) to validate configuration without sending data; (4) restrict the DASHSCOPE_API_KEY you give it (use a scoped key if possible) and verify the base URL if you need to use an international endpoint. The only minor issue is that the docs reference optional env vars (DASHSCOPE_BASE_URL, DASHSCOPE_MODEL, DASHSCOPE_VOICE) but only the API key is listed as required in metadata — this is a documentation mismatch, not a functional red flag.scripts/qwen-omni-chat.js:7
Environment variable access combined with network send.
scripts/qwen-omni-chat.js:387
File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.Like a lobster shell, security has layers — review code before you run it.
latestvk972b7pqvxpz397aev70yqvtbn83ys97
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
Binsnode
EnvDASHSCOPE_API_KEY
Primary envDASHSCOPE_API_KEY