ClawHub

AISkinX护肤AI助手

v1.0.4

基于图片分析7项皮肤参数,提供个性化护肤产品推荐和智能AI护肤咨询服务。

0· 130·0 current·0 all-time
by@znsyhandao
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (skin image analysis, product recommendation, local AI chat) matches the provided code, config, and docs. No unrelated credentials, binaries, or network dependencies are requested. package.json and config.yaml declare filesystem permission and local-only operation consistent with purpose.
Instruction Scope
SKILL.md confines operation to local image files, documents allowed dirs and file types, and instructs how to run the skill. A small documentation surface references online resources (GitHub, docs URLs), but the runtime instructions and code explicitly reject URL inputs and avoid network calls. Recommend verifying the entrypoint (skill_ascii_fixed.py) to confirm it doesn't start a server or initiate network requests at runtime (the provided truncated code shows no network imports).
Install Mechanism
No install spec is provided (instruction-only install via OpenClaw or load from disk). The skill bundle contains Python code and config; nothing is downloaded from external URLs. That is the lower-risk class of install behavior.
Credentials
The skill requests no environment variables or external credentials and limits filesystem access to configured allowed_dirs. The declared permissions ('filesystem') are proportional to an image-analysis skill that reads local files.
Persistence & Privilege
Flags show normal defaults (always: false, user-invocable: true, allow model invocation). The skill does not request persistent elevated privileges or to force-enable itself. It does not declare network or other cross-skill config modifications.
Assessment
This package is internally consistent with its 'local-only' claim and includes a path validator and image validation routines—good signs. Before installing, do the following: 1) Inspect the entrypoint (skill_ascii_fixed.py) to confirm it does not open network sockets, start an HTTP server, or import network libraries; 2) Run the skill in an isolated/test environment (sandbox or VM) and exercise typical commands (/skincare analyze) to verify URL inputs are rejected and only configured allowed directories are accepted; 3) Confirm any referenced allowed_dirs in config.yaml are appropriate for your environment (avoid adding system-level paths); 4) If you need higher assurance, run static scans for network patterns across all files (some docs include external links but that alone is not a runtime network call). If you see unexpected network activity, do not use the skill and report it to the skill source or platform.

Like a lobster shell, security has layers — review code before you run it.

aivk974d0a4pv56tnbmrww6954gqn83gxdzanalysisvk979kdmkek8cr4e7a2jahtex3n83fe3janalysissvk974d0a4pv56tnbmrww6954gqn83gxdzbeautyvk974d0a4pv56tnbmrww6954gqn83gxdzhealthvk974d0a4pv56tnbmrww6954gqn83gxdzlatestvk972q8z9ja6d55egvg5q7vbwch83h8wkskincarevk974d0a4pv56tnbmrww6954gqn83gxdz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments