← Back to Skills Marketplace
18072937735

Child Hazardous Behavior Recognition Tool | 儿童危险行为识别分析工具

by smyx-skills · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
73
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install smyx-child-dangerous-behavior-recognition-analysis
Description
Detects climbing, playing with fire, touching power sources, and dangerous actions near windows, providing real-time alerts. It is suitable for child safety...
Usage Guidance
This skill is not obviously malicious but has several red flags you should consider before enabling it: - Code reuse and scope creep: The package contains unrelated modules (face_analysis, pet-health docs) and a large shared library (skills/smyx_common). That may be benign reuse but increases the amount of code executed and any surprises. - File I/O and persistence: The skill will read/write config files and create a local SQLite DB under the workspace/data path and will save uploaded attachments to the skill directory. If you need to avoid local persistence, do not install or run it. - Network endpoints and API keys: The skill calls remote APIs (base URLs in skills/smyx_common/scripts/config.yaml point to lifeemergence domains). It will ask for an open-id (and optionally an API key). Do not provide real user identifiers, credentials, or sensitive data until you verify the backend endpoints and privacy policy. - Environment leakage: The code implicitly reads environment variables (OPENCLAW_SENDER_OPEN_ID, OPENCLAW_SENDER_USERNAME, FEISHU_OPEN_ID, OPENCLAW_WORKSPACE). If those exist in your environment they may be used automatically. - Minimal test recommendations: run the tool in an isolated sandbox workspace, with network egress blocked or pointed to a mock endpoint, and with empty/controlled OPENCLAW_WORKSPACE. Inspect (or prevent) the created config.yaml and sqlite DB. Review the actual API host addresses and confirm they are trusted before supplying real open-id or API keys. If you proceed, audit the code paths that perform HTTP requests (skills/smyx_common/scripts/api_service.py and scripts/api_service.py), decide where uploaded videos and generated reports will be stored, and confirm the remote service's data retention and privacy practices.
Capability Analysis
Type: OpenClaw Skill Name: smyx-child-dangerous-behavior-recognition-analysis Version: 1.0.0 The skill bundle implements a child safety monitoring system that analyzes video streams for hazardous behaviors via a remote API (lifeemergence.com). It utilizes a shared library (smyx_common) for managing authentication, local token storage in a SQLite database (smyx-common-claw.db), and cloud-based history retrieval. While SKILL.md contains high-priority instructions for the AI agent to ignore local memory files in favor of cloud data, and the code includes capabilities to recursively call the OpenClaw agent via subprocess (AgentSkill.ai_chat), these features appear to be legitimate architectural choices for maintaining data consistency and processing complex queries within the developer's ecosystem rather than indicators of malicious intent.
Capability Assessment
Purpose & Capability
The declared purpose is child hazardous behavior recognition and the scripts implement a wrapper that calls a remote analysis API, which is coherent. However the repository includes unrelated artifacts (face_analysis and pet-health references, README about TCM face diagnosis, references/api_doc.md about pet health) suggesting code reuse or copy-paste from other domains. That mismatch increases risk because the skill will pull in a general-purpose common library (skills/smyx_common) and may call generic AI endpoints rather than a narrowly scoped child-safety API.
Instruction Scope
SKILL.md forbids reading local memory files, but the runtime instructions and code explicitly require reading configuration files (skills/smyx_common/scripts/config.yaml in-skill and in-workspace) to obtain open-id and may auto-save uploaded attachments under the skill directory. The skill instructs running python -m scripts.child_dangerous_behavior_recognition_analysis from the skill root which will execute the included codebase (not a minimal single-script). The code also includes a local DAO and SQLite usage (skills/smyx_common/scripts/dao.py) and utilities that may access workspace paths. This conflicts with the 'absolute prohibition' on local memory access and widens scope to file I/O and local persistence.
Install Mechanism
There is no install spec (instruction-only), so nothing will be automatically downloaded at install time. However the bundle contains a large requirements list (skills/smyx_common/requirements.txt and face_analysis requirements) and many Python modules; the SKILL.md mentions requests>=2.28.0. Because no installer is declared, users/operators must manually satisfy dependencies — the lack of an install step is inconsistent with the embedded requirements but not itself malicious.
Credentials
The skill declares no required environment variables but the code reads several environment values implicitly: OPENCLAW_SENDER_OPEN_ID, OPENCLAW_SENDER_USERNAME, FEISHU_OPEN_ID and OPENCLAW_WORKSPACE are referenced in skills/smyx_common/scripts/config.py and dao.py. The SKILL.md enforces retrieving an 'open-id' via local config files or from the user message; it also encourages passing optional api-key/api-url. Requesting/pulling these values at runtime (and creating config files if missing) is broader than the declared 'none' and may access workspace-wide config and create files/databases under workspace/data.
Persistence & Privilege
Although always:false, the skill will create/read files and a local SQLite DB: YamlUtil.load will create config.yaml if missing (skills/smyx_common/scripts/config.yaml), and Dao.get_db_path builds a workspace data path and creates a sqlite DB (smyx-common-claw.db) under workspace/data. SKILL.md also says uploaded attachments will be saved to an attachments directory under the skill. These behaviors persist data on disk and modify config/DB files in the workspace, which is more privilege than the description implies.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install smyx-child-dangerous-behavior-recognition-analysis
  3. After installation, invoke the skill by name or use /smyx-child-dangerous-behavior-recognition-analysis
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: AI-powered tool for real-time child dangerous behavior recognition and alerting. - Detects climbing, playing with fire, touching power sources, and dangerous actions near windows from video streams. - Provides instant alerts and generates structured safety reports for homes, kindergartens, and nurseries. - Strict open-id acquisition and data access controls enforced for security and privacy. - All report queries fetch data from the cloud API; local memory access is strictly prohibited. - Outputs historical safety reports in clear Markdown tables with direct report links.
Metadata
Slug smyx-child-dangerous-behavior-recognition-analysis
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Child Hazardous Behavior Recognition Tool | 儿童危险行为识别分析工具?

Detects climbing, playing with fire, touching power sources, and dangerous actions near windows, providing real-time alerts. It is suitable for child safety... It is an AI Agent Skill for Claude Code / OpenClaw, with 73 downloads so far.

How do I install Child Hazardous Behavior Recognition Tool | 儿童危险行为识别分析工具?

Run "/install smyx-child-dangerous-behavior-recognition-analysis" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Child Hazardous Behavior Recognition Tool | 儿童危险行为识别分析工具 free?

Yes, Child Hazardous Behavior Recognition Tool | 儿童危险行为识别分析工具 is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Child Hazardous Behavior Recognition Tool | 儿童危险行为识别分析工具 support?

Child Hazardous Behavior Recognition Tool | 儿童危险行为识别分析工具 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Child Hazardous Behavior Recognition Tool | 儿童危险行为识别分析工具?

It is built and maintained by smyx-skills (@18072937735); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments