Skills
skills/thincher/awsome_skills/glm-understand-image/Gen Agent Trust Hub

glm-understand-image

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands to set up the environment, including creating directories (~/.openclaw/config) and writing the Zhipu AI API key to a local JSON configuration file. It also uses the mcporter CLI to register and call MCP tools.
  • [EXTERNAL_DOWNLOADS]: The skill uses npx to fetch and execute the mcporter utility and the @z_ai/mcp-server package from the npm registry to facilitate image processing tasks.
  • [DATA_EXPOSURE]: The skill stores the user-provided API key in plaintext within the local file system at ~/.openclaw/config/glm.json. This is the intended configuration mechanism for the tool's operation within its environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 02:35 PM