Skill v1.0.1
ClawScan security
Generate Image · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 8, 2026, 4:27 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill mostly does what it claims (generate article images) but has a few incoherences you should understand before installing — notably it invokes an external CLI (md2wechat) though the metadata declares no required binaries, and it defaults to a third-party image API endpoint (new.suxi.ai) without declaring credential requirements.
- Guidance: This skill appears to perform the image-generation task described, but note two practical inconsistencies before installing: (1) runtime.py calls the 'md2wechat' CLI (subprocess) — ensure that binary is trusted and available on PATH, because the skill metadata does not declare it as required; (2) the skill defaults to a third-party image API base (https://new.suxi.ai/v1). If you will use that remote provider, confirm you are comfortable sending requests and (if needed) credentials to it. Provide any API token via your md2wechat config or an environment variable you control (e.g., IMAGE_API_KEY) rather than embedding secrets into the skill. If you need higher assurance, inspect or vet the md2wechat tool and the external provider (new.suxi.ai) and consider running the skill in an environment with restricted network access until reviewed.
Review Dimensions
- Purpose & Capability [note]: The name/description align with the code: the skill extracts article frontmatter and generates/exports a PNG. However, the runtime invokes an external CLI ('md2wechat generate_image') as its primary backend while the skill metadata lists no required binaries. That implicit dependency on an external tool is an inconsistency a user should expect to resolve before use.
- Instruction Scope [ok]: SKILL.md and runtime.py stay within the stated purpose: read the markdown draft, resolve provider/model (from frontmatter, request args, or defaults), call the generator, and write a PNG to content-production/ready/*.png. The instructions do not request unrelated files or secrets. They do instruct users how to obtain a token for the third-party service (job.suxi.ai), which is consistent with using an external image provider.
- Install Mechanism [note]: There is no install spec (lowest disk-write risk). But the runtime relies on invoking an external CLI ('md2wechat') via subprocess.run; if that tool is absent the skill will fail. The skill also fetches image bytes via urllib.request from provider URLs returned by the CLI. The lack of declared binary requirements is a mismatch with actual runtime behavior.
- Credentials [note]: The skill declares no required environment variables, yet README and runtime behavior expect tokens/config to be provided to the md2wechat CLI (e.g., IMAGE_API_KEY or existing md2wechat config). It injects IMAGE_PROVIDER/IMAGE_API_BASE/IMAGE_MODEL at runtime (not secrets). The default API base is a non-standard third-party host (https://new.suxi.ai/v1, '香蕉画图'), which means network calls and potentially credentialized access to that service — this should be explicitly acknowledged by an installer.
- Persistence & Privilege [ok]: The skill does not request persistent 'always' privilege, does not install itself, and does not alter other skill configs. It writes output artifacts to the pipeline path as expected.
