Skillv1.0.1

ClawScan security

mac-wallpaper-changer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 12, 2026, 10:09 AM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary: The code and instructions are consistent with a macOS wallpaper changer: it downloads images from Unsplash/Bing/Picsum, stores logs and preferences under your home directory, and sets wallpapers — nothing in the bundle indicates unrelated or hidden exfiltration behavior, but the package omits some runtime requirements in its registry metadata and performs privileged local actions (process restart, file writes).
Guidance: This skill is coherent for changing macOS wallpapers, but check the following before installing or running: - Runtime dependencies: The scripts expect Python >=3.12, the 'uv' runner, and Python packages (polars, duckdb, pyobjc). The registry metadata did not declare these — install them in a virtualenv or confirm your environment first. - Files and write access: The skill will create ~/wallpaper-daily/ (images, preferences.parquet, logs) and may read ~/.wallpaper_prefs.json and ~/.wallpaper_prefs.json embedding config. If you care about file placement, inspect and change the paths in the code before running. - Network access: The scripts fetch images from Unsplash (scraped NAPI or API), Bing, and Picsum. Ensure you are comfortable with those network calls. If you provide an UNSPLASH_ACCESS_KEY or embedding API keys, keep them secret and only provide keys you trust; the code will use them for search/embedding (embedding is a planned advanced feature referenced in docs). - Process control: To force wallpaper refresh the code runs 'killall WallpaperAgent' (and may use 'desktoppr' as fallback). That terminates the WallpaperAgent process to refresh the desktop — expected for the task but be aware it affects your desktop agent. - Run safely: Review the scripts locally, run them in a controlled environment or sandbox first, and consider running 'uv run scripts/change.py --download-only' (or equivalent) to test downloading without changing system state. If you do not have 'uv' or Python 3.12+, either install them or adapt the scripts to your Python runner. If you want, I can list the exact dependency lines and the places the skill writes/reads on disk, or point out the specific lines where network calls and 'killall' are issued.

Review Dimensions

Purpose & Capability: noteThe name/description match the included scripts (change.py, daily.py, recommend.py, preference.py, loc.py). All network calls and file operations are directly related to downloading, recommending, storing, and applying wallpapers. Minor inconsistency: SKILL.md and script headers require 'uv' and Python >=3.12 plus Python packages (polars, duckdb, pyobjc) but the registry metadata lists no required binaries/dependencies — the runtime will need those to run correctly.
Instruction Scope: okRuntime instructions (SKILL.md) and the scripts only reference wallpaper-related data and local config under the user's home (~/wallpaper-daily, ~/.wallpaper_prefs.json). The scripts call external image endpoints (Unsplash NAPI, Bing, Picsum) which is expected. They do not attempt to read unrelated system files or random credentials.
Install Mechanism: noteNo install specification is provided (instruction-only), which reduces installer risk. However the scripts include shebang metadata indicating Python >=3.12 and dependencies; the skill will require installing packages (polars, duckdb, pyobjc, etc.) and the 'uv' runner to execute. That mismatch (no declared runtime requirements in registry) is an operational omission the user should resolve before running.
Credentials: okNo required environment variables are declared. The code optionally reads UNSPLASH_ACCESS_KEY (for Unsplash API) and references an embedding config (assets template and references mention api_key or WALLPAPER_EMBEDDING_CONFIG) for planned advanced features. Those are optional and proportional to the described functionality; nothing requests unrelated credentials (AWS, GitHub tokens, etc.).
Persistence & Privilege: notealways:false and agent-autonomy defaults apply (no forced persistent inclusion). The scripts write files under the user's home (~/wallpaper-daily) and logs, and call 'killall WallpaperAgent' to refresh macOS wallpaper — this is a necessary-but-privileged local action (terminating a user-level/system agent). The skill does not modify other skills or system-wide agent configuration.