Skill v1.0.0
ClawScan security
vwu.ai kling Models · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 16, 2026, 4:39 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill largely does what it says (calls vwu.ai models) but registry metadata omits required environment variables and binaries and the included script exposes a configurable base URL and partial API-key output — these inconsistencies could be accidental but warrant caution before installing.
- Guidance: This skill appears to implement the claimed vwu.ai model calls, but there are a few red flags you should address before using it with real credentials:
  1. The registry metadata does not declare the required VWU_API_KEY or the needed CLI tools (curl, jq, zsh) — assume you must provide these.
  2. The script allows VWU_BASE_URL to be overridden by an environment variable but SKILL.md doesn't mention that; consider hardcoding or verifying VWU_BASE_URL is set to https://vwu.ai to avoid accidentally sending your key to another endpoint.
  3. The script reveals the first 8 characters of your API key in error messages; avoid using your main/long-lived key—use an ephemeral or limited-scope key if possible.
  4. Review the vwu-chat.sh file yourself (or run it in an isolated environment) before exporting any secrets.

  If you plan to install broadly, ask the author to update registry metadata to declare VWU_API_KEY and required binaries and to document/lock the base URL.
Review Dimensions
- Purpose & Capability (note): The skill's code and SKILL.md match the stated purpose: calling vwu.ai's OpenAI-compatible chat endpoint for the listed kling models. However the registry metadata does not declare the VWU_API_KEY credential (required by the script) nor the dependency on common CLI tools (curl, jq, zsh). That mismatch is unexpected.
- Instruction Scope (ok): SKILL.md and the script stick to the advertised task: sending a chat completion request to vwu.ai and printing the response. They do not read unrelated user files or system state beyond environment variables and the shipped models.txt.
- Install Mechanism (note): There is no install spec (instruction-only), which is low-risk. The skill includes a shell script that runs in-place; it relies on curl and jq but these are not declared in metadata—users should ensure those binaries are present from trusted sources.
- Credentials (concern): The script requires VWU_API_KEY but the registry lists no required env vars or primary credential. The script also accepts VWU_BASE_URL (default https://vwu.ai) though SKILL.md does not document this override; that means the request target (and thus where an API key might be sent) can be redirected via an env var. Additionally, on API errors the script prints the first 8 characters of the key, which leaks part of the secret.
- Persistence & Privilege (ok): The skill does not request persistent or elevated platform privileges (always:false). It does not modify other skills or system-wide settings.
