← Back to Skills Marketplace
smyx-sunjinhui

Baby Blanket Kick Monitoring Skill | 婴儿蹬被监测技能

by smyx-sunjinhui · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
72
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install smyx-infant-blanket-kick-monitoring-analysis
Description
Identifies babies kicking off blankets or exposing their bodies during sleep and alerts parents to cover them up to prevent catching a cold. | 婴儿蹬被监测技能,识别婴儿夜...
Usage Guidance
Key points to consider before installing or using this skill: - Source and privacy: The skill will accept and upload infant monitoring videos to external API endpoints configured in the code (smyx_common ApiEnum BASE_URLs). There is no homepage or official source; verify the API host (config.yaml defaults reference lifeemergence.com) and privacy policy before sending sensitive video/PII. - Hidden/implicit credentials: Although the registry lists no required environment variables, the code expects API keys/open-id either in skills/smyx_common/scripts/config.yaml, workspace config, or via command-line. Do not provide production credentials or any sensitive tokens unless you trust the code and the remote API. - Local storage and retention: The skill saves uploaded files to an attachments folder and the package contains a DAO that creates a local SQLite DB under the workspace data directory. Expect persistent storage of videos and report metadata on disk; if this is unacceptable, run the skill in an isolated environment or inspect/modify the code first. - Incoherent rules: The SKILL.md forbids reading local 'memory' files but requires reading local config files to obtain open-id/API keys. This contradiction should be resolved by the author; treat the 'no local memory' claim skeptically. - Audit network behavior: Review the RequestUtil and ApiService code paths (not shown in full) to confirm which endpoints are contacted and what headers/fields are sent. You may want to run the skill in a network-isolated sandbox or with a traffic capture to confirm behavior before using with real baby-monitoring videos. - Reduce exposure: If you test, use dummy/open-id values and test videos without identifiable faces; avoid real credentials. If you must use with real data, prefer an isolated machine and verify/clean attachment and DB directories after use. If you want, I can: (1) point out exact lines where files are written and where HTTP uploads occur, (2) extract and summarize RequestUtil behavior and endpoints, or (3) suggest specific edits to limit local persistence and explicit network destinations.
Capability Analysis
Type: OpenClaw Skill Name: smyx-infant-blanket-kick-monitoring-analysis Version: 1.0.0 The skill bundle exhibits high-risk architectural patterns, including the use of a local SQLite database (dao.py) to store user tokens and the inclusion of an 'AgentSkill' class (skill.py) that executes recursive agent commands via subprocess. The SKILL.md uses aggressive prompt steering ('Mandatory Rules') to explicitly forbid the AI from accessing its own local memory, forcing reliance on external APIs at lifeemergence.com. While these behaviors align with a cloud-integrated monitoring service, the automated registration logic in RequestUtil and the override of standard agent memory protocols are highly invasive.
Capability Tags
requires-sensitive-credentials
Capability Assessment
Purpose & Capability
The declared purpose (detect infant blanket-kicking from video and alert parents) aligns with the core scripts (infant_blanket_kick_monitoring_analysis.py and skill wrapper). However the package also bundles a large 'smyx_common' utility layer and an unrelated 'face_analysis' skill (traditional Chinese medicine face diagnosis) and a heavy requirements list. Including a general-purpose DAO/SQLite layer, extensive API enum/config management, and an unrelated face-analysis skill is broader than necessary for a narrowly scoped blanket-kick detector and suggests the bundle contains more functionality and surface area than the description implies.
Instruction Scope
SKILL.md forbids reading local 'memory' and long-term LanceDB memory, but the runtime instructions explicitly demand reading local config files (skills/smyx_common/scripts/config.yaml and workspace config) to get open-id and API keys. The skill also instructs saving uploaded video attachments into an attachments directory and the codebase includes a DAO that writes a local SQLite DB under the workspace/data path. The instructions therefore both mandate and perform local filesystem reads/writes and network calls: they may store sensitive video files locally and will upload them to external APIs. The prohibition against reading memory files is contradictory with other local file usage requirements, increasing risk of accidental data leakage or persistent storage of PII.
Install Mechanism
This is instruction- and code-bundle only (no external download/install spec). Nothing in the metadata triggers an external arbitrary download during install. However the repository includes a large requirements list (skills/smyx_common/requirements.txt and face_analysis requirements) that, if installed in a runtime, would pull many packages — the absence of an install spec reduces immediate install-time risk but the code expects third-party packages (requests etc.) at runtime.
Credentials
The registry metadata lists no required env vars or credentials, but the code and SKILL.md expect API keys/open-id to appear in local config files or environment (ConstantEnum.init reads OPENCLAW_SENDER_OPEN_ID, OPENCLAW_WORKSPACE is consulted by DAO). The skill will use API_KEY/API URL settings from skills/smyx_common config or workspace configs and accepts an --api-key parameter. This mismatch (no declared secrets but clear implicit reliance on API keys, open-id, and workspace environment) is disproportionate and obscures what secrets are needed and where they go.
Persistence & Privilege
always:false and model invocation allowed (normal). But the skill explicitly saves uploaded attachments to the skill directory and the included DAO creates/uses a local SQLite DB under a workspace data directory. That means user videos and records may be persisted on disk by the skill. The skill does not request elevated platform privileges, nor does it modify other skills, but the persistent storage of sensitive video/metadata by default increases privacy risk and persistence beyond a single session.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install smyx-infant-blanket-kick-monitoring-analysis
  3. After installation, invoke the skill by name or use /smyx-infant-blanket-kick-monitoring-analysis
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Baby Blanket Kick Monitoring Skill - Initial Release - Monitors infants during sleep to detect blanket-kicking and body exposure, alerting parents to prevent colds. - Enforces strict data privacy: prohibits reading local memory or long-term storage; all history queries must use the cloud API. - Automated detection includes pose recognition, blanket coverage, exposure duration, and prompt alerts when risk is detected. - Requires open-id retrieval via a fixed flow from config files or direct user input before any operation; does not accept default or generated values. - Supports video analysis from file or URL and lists historical reports with clickable links in markdown table format. - Includes detailed operation steps, safety warnings, and example commands for users.
Metadata
Slug smyx-infant-blanket-kick-monitoring-analysis
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Baby Blanket Kick Monitoring Skill | 婴儿蹬被监测技能?

Identifies babies kicking off blankets or exposing their bodies during sleep and alerts parents to cover them up to prevent catching a cold. | 婴儿蹬被监测技能,识别婴儿夜... It is an AI Agent Skill for Claude Code / OpenClaw, with 72 downloads so far.

How do I install Baby Blanket Kick Monitoring Skill | 婴儿蹬被监测技能?

Run "/install smyx-infant-blanket-kick-monitoring-analysis" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Baby Blanket Kick Monitoring Skill | 婴儿蹬被监测技能 free?

Yes, Baby Blanket Kick Monitoring Skill | 婴儿蹬被监测技能 is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Baby Blanket Kick Monitoring Skill | 婴儿蹬被监测技能 support?

Baby Blanket Kick Monitoring Skill | 婴儿蹬被监测技能 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Baby Blanket Kick Monitoring Skill | 婴儿蹬被监测技能?

It is built and maintained by smyx-sunjinhui (@smyx-sunjinhui); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463942 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259883 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200739 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191401 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190375 · by oswalpalash

💬 Comments