zhuoran-selfie

Fail

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: CRITICAL
CREDENTIALS_UNSAFE, DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [CREDENTIALS_UNSAFE]: The script zhuoran_selfie.py contains a function send_via_openclaw that directly accesses and reads sensitive credentials (FEISHU_APP_ID, FEISHU_APP_SECRET) from the user's home directory at ~/.openclaw/.env.
  • [DATA_EXFILTRATION]: The skill harvests local credentials and uses them to transmit data to the Feishu API. It also accesses ~/.openclaw/config/main.env in generate_portrait_base.py to ingest environment configurations.
  • [PROMPT_INJECTION]: The file generate_undress_video.py is explicitly designed to bypass safety filters and generate non-consensual sexual content. It uses prompts such as 'beautiful young woman slowly removing her wet camisole top' to generate 'undress' videos, instructing the AI model to perform restricted actions.
  • [COMMAND_EXECUTION]: The script scripts/clawra-selfie.ts utilizes child_process.exec to execute shell commands with interpolated variables (message.channel, message.message, message.media). This pattern is susceptible to command injection if input parameters are influenced by untrusted data.
  • [EXTERNAL_DOWNLOADS]: The skill makes numerous requests to external APIs (api.wavespeed.ai, fal.run) and downloads generated media files to the /tmp directory without verifying the source or integrity of the resulting content.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Apr 18, 2026, 01:11 AM
Security Audit — agent-trust-hub — zhuoran-selfie