Skill v1.0.0
ClawScan security
ERNIE Image Generation · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 30, 2026, 3:52 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and required environment variable (AI_STUDIO_API_KEY) are coherent with its stated purpose of calling Baidu AI Studio's ERNIE image API; nothing in the bundle suggests unrelated access or hidden endpoints.
- Guidance: This skill appears internally consistent for Baidu ERNIE image generation, but take these precautions before installing or running it:
  - Protect your AI_STUDIO_API_KEY: treat it like a password and avoid pasting it into public places. Prefer a limited-scope or disposable token for testing.
  - Review the included script (scripts/generate.py) yourself — it is short and readable — and confirm the base_url and headers match expectations (they do: aistudio.baidu.com).
  - The README suggests installing 'uv' via a remote install script (curl https://astral.sh/uv/install.sh | sh). Do NOT run remote install scripts without inspecting them; consider installing required tools and Python packages manually (pip install openai) in an isolated environment.
  - Be aware that the skill defines quick triggers that treat user text after certain phrases as immediate generation prompts; if you do not want automatic generations, disable autonomous invocation or adjust agent policies accordingly.
  - Test with a small, non-sensitive prompt and/or a disposable token to confirm behavior and quota usage before regular use.
Review Dimensions
- Purpose & Capability (ok): Name/description, SKILL.md, references/api-guide.md, and scripts/generate.py all consistently describe ERNIE-Image/ERNIE-Image-Turbo usage via Baidu AI Studio. The only required credential is AI_STUDIO_API_KEY and the code uses the Baidu base_url (https://aistudio.baidu.com/llm/lmapi/v3). No unrelated services, binaries, or credentials are requested.
- Instruction Scope (ok): Runtime instructions and the script only read the prompt and the AI_STUDIO_API_KEY env var, call the Baidu API, and write PNG files to the configured output directory. Quick-trigger behavior (automatic prompt→generate mappings) is explicit and consistent with an image-generation skill. The skill does not read other system files or secrets, and does not post data to unexpected external endpoints.
- Install Mechanism (note): There is no automated install spec (instruction-only + a small script). The Python script declares a dependency on openai>=2.33.0 and requires Python 3.11+. The documentation suggests installing 'uv' via a curl | sh invocation from https://astral.sh/uv/install.sh, which is an external install-script recommendation — this is not part of the packaged install but is a potential risk if you run the provided one-line installer without review. Consider manually inspecting any installer script before running it.
- Credentials (ok): Only AI_STUDIO_API_KEY is requested (declared as primaryEnv), and that single token is used in the script to authenticate to the Baidu AI Studio endpoint. No other SECRET/TOKEN/PATH requirements are present. The requested credential is proportionate to the functionality.
- Persistence & Privilege (ok): always:false (not forced), user-invocable, and the skill does not modify other skills or system-wide configuration. It writes generated images to the chosen output directory (normal for this task). Autonomous invocation is permitted by platform default but is not excessive here.
