This skill extracts knowledge from an image and saves it locally.

This skill's behavior appears coherent with its description, but take precautions before installing or running it: - Installation: The package.json lists dependencies (axios, sharp, tesseract.js) but no install steps are provided. Ask the author for an install spec or be prepared to run npm/pnpm install in a safe environment. Sharp is a native module and often requires build tools or prebuilt binaries. - Files written: The skill will create ~/openclaw-skill-data/image-knowledge-assets/ and ~/openclaw-skill-data/image-knowledge.json (or a literal '~/openclaw-skill-data' if HOME is unset). If you run it, expect persistent files in your home directory; run in a sandbox or change the code/path if you prefer. - Remote downloads: The skill will fetch any URL you pass. Do not provide untrusted or internal-network URLs (it could fetch internal endpoints if you or an agent supplies such URLs). If an agent can call it autonomously, ensure it only runs on user-supplied images. - Tesseract language data and runtime: The code calls tesseract.js; make sure required language models (e.g., chi_sim) are available or that tesseract.js is configured correctly. - Recommendation: request or supply a proper install spec (or containerized packaging), test in an isolated environment, and verify where files are written before granting it regular use.

Type: OpenClaw Skill Name: image-collect Version: 1.0.0 The skill is classified as suspicious due to a significant local file read vulnerability in `dist/index.js`. The `saveImage` function uses `fs.copyFileSync` on the user-provided input path without any validation or sandboxing, allowing the agent (or a prompt injection attack) to copy sensitive files (e.g., SSH keys, credentials) from the host into the skill's data directory. Additionally, the use of `axios` to fetch remote images without URL filtering introduces a Server-Side Request Forgery (SSRF) risk.