Back to skill
Skillv1.0.2
ClawScan security
Figure Legend Gen · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
SuspiciousMar 17, 2026, 3:35 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill appears to implement a local figure-legend generator and asks for no credentials, but its documentation and metadata claim network/API activity and list dependencies that aren't present in requirements.txt — this mismatch warrants caution and clarification before installing or running on sensitive data.
- Guidance
- Before installing or running this skill: 1) Ask the author to explain why SKILL.md claims network/API usage and a 'High' network risk if the included script appears purely local; confirm there are no external endpoints used. 2) Inspect the full scripts/main.py (the manifest listing was truncated) to verify there are no hidden network calls or code that exfiltrates files. 3) Fix dependency mismatches: requirements.txt does not list Pillow/pytesseract which the README references; ensure required packages are explicit and safe. 4) Run the tool in a sandbox or isolated environment the first time, and do not feed it sensitive or proprietary images until you confirm no external communication occurs. 5) If you need stronger assurance, request a signed provenance or a canonical source (homepage/author repo) and ask for reproducible build/install instructions that do not rely on unreviewed remote downloads.
Review Dimensions
- Purpose & Capability
- noteName/description match the included script: a local Python tool that generates figure legends from an image and templates. However, SKILL.md and metadata label the skill as 'Hybrid (Tool/Script + Network/API)' and list 'Network Access' as high risk while the provided code (visible portion) contains no network calls. Also SKILL.md names PIL and pytesseract as dependencies but requirements.txt does not include them. These inconsistencies suggest the metadata/README and code are out-of-sync.
- Instruction Scope
- noteRuntime instructions tell the agent to run the local Python script on a provided image path and to install requirements.txt. The script validates and reads local files and writes output; there are no instructions to collect unrelated system data. But SKILL.md contains a 'Network/API' claim and a security checklist referencing HTTPS and external APIs; the instructions do not show what external endpoints would be used. The file listing of main.py was truncated in the package summary; the missing tail could contain network calls — this uncertainty increases risk.
- Install Mechanism
- okNo install spec is provided (instruction-only + included script). There are no downloads or external installers in the manifest. This is low-risk from an install-mechanism perspective.
- Credentials
- okThe skill declares no required environment variables, no credentials, and no special config paths. The code shown only needs access to the input image and optional output path — proportional to the stated purpose.
- Persistence & Privilege
- okSkill flags indicate normal user-invocable behavior and always:false. The package does not request elevated/system persistence or modifications to other skills. No concern here.