Skill v0.1.0

ClawScan security

Photo Pack Generator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Mar 13, 2026, 1:37 PM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill mostly does what it says (generate identity-preserving photo packs), but it has several internal contradictions and undeclared external dependencies that warrant caution before you install or run it.
Guidance
Before installing or running this skill:
1) Inspect the referenced helper scripts (../../../../core/media/upload.sh and generate-image.sh) to confirm where images are uploaded, which external endpoints are contacted, and what credentials (if any) they use.
2) Review the bundled prompts: there are contradictions between the SKILL.md guardrails (do not describe hair, age, etc.; preserve identity) and concrete prompt templates that add hairstyles, props, and implants. Decide whether those templates meet your privacy and consent requirements.
3) Confirm you have permission from any person whose face will be used; this tool can produce realistic, contextualized images of a real person, which may have legal or ethical implications.
4) If you plan to run this in a restricted environment, run the script in a sandbox and monitor network calls and file writes.
If you cannot inspect the helper scripts or verify where uploads go, treat the skill as untrusted.
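A worked illustration of steps 1 and 4, added here as an example; it is not code from ClawHub or from the Photo Pack Generator skill. It is a POSIX shell audit function that lists the lines of a helper script that reach the network, name a literal endpoint, reference a credential-looking variable, or write files. The upload.sh it creates and then scans is a constructed stand-in: the real helper's contents are unknown, which is exactly why the audit is needed. The function and variable names (make_sample_helper, audit_script, audit_or_fail, MEDIA_API_TOKEN, media.example.invalid) are assumptions for the example only.

```shell
#!/bin/sh
# Added example, not part of ClawHub or the Photo Pack Generator skill.
# Static audit of a skill's helper script: print the lines that reach the
# network, name an endpoint, reference a credential-looking variable, or
# write files. Point it at ../../../../core/media/upload.sh and
# generate-image.sh before trusting the skill.
set -eu

# Write a CONSTRUCTED stand-in for upload.sh into a temp dir and print its path.
# Sample input for the audit only; it is not the real helper's contents.
make_sample_helper() {
  dir=$(mktemp -d)
  cat > "$dir/upload.sh" <<'EOF'
#!/bin/bash
# constructed sample helper (not the real one)
curl -sf -H "Authorization: Bearer $MEDIA_API_TOKEN" \
     -F "file=@$1" https://media.example.invalid/upload
cp "$1" /var/media_outputs/
EOF
  printf '%s\n' "$dir/upload.sh"
}

# audit_script FILE: print "category: LINENO:match" for each finding.
# network    - tools that talk to the network
# endpoint   - literal http(s) URLs
# credential - variables whose names suggest secrets
# write      - file-copying commands and shell output redirections
# grep exits 1 when nothing matches, so each pipeline ends in sed to keep set -e quiet.
audit_script() {
  f=$1
  w='[^A-Za-z0-9_]'
  grep -nE "(^|$w)(curl|wget|nc|ncat|ssh|scp|rsync|aws|gsutil)($w|\$)" "$f" \
    | sed 's/^/network: /'
  grep -noE 'https?://[^"'"'"' ]+' "$f" \
    | sed 's/^/endpoint: /'
  grep -noE '\$\{?[A-Za-z0-9_]*(TOKEN|KEY|SECRET|PASS|CRED)[A-Za-z0-9_]*\}?' "$f" \
    | sed 's/^/credential: /'
  grep -nE "(^|$w)(cp|mv|tee|dd)($w|\$)|>>?[[:space:]]*[^&]" "$f" \
    | sed 's/^/write: /'
}

# audit_or_fail FILE: print the report and return 1 if the script reaches the
# network or touches a credential, so it can gate a sandboxed run.
audit_or_fail() {
  report=$(audit_script "$1")
  printf '%s\n' "$report"
  if printf '%s\n' "$report" | grep -qE '^(network|endpoint|credential): '; then
    return 1
  fi
  return 0
}

sample=$(make_sample_helper)
audit_script "$sample"
```

The static pass tells you what the helper can do; it does not tell you what it did. For step 4, run the skill's script once under `strace -f -e trace=network,file` (Linux) inside a throwaway container or VM with outbound traffic blocked, and compare the connect() targets and opened paths against the audit report. Any endpoint or credential the static pass did not list is a reason to treat the skill as untrusted.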

Review Dimensions

Purpose & Capability
note: The SKILL.md and the bundled shell script align with the stated purpose (producing multiple stylized images that preserve a reference face). However, the script expects platform-local helper scripts (../../../../core/media/upload.sh and generate-image.sh) that are not declared in the skill metadata. Those helpers determine where the reference image and the generated images are sent and stored, so audit them before use.
Instruction Scope
concern: The runtime instructions forbid describing age, ethnicity, hair or beard and insist that identity be preserved, yet the prompt templates bundled with the scripts explicitly set hairstyle, clothing, environment and even cosmetic/implant details in ways that contradict those guardrails. Examples: 'do not describe hair/beard' versus prompt lines that set hairstyles; 'maintain similar head orientation' versus prompts that request 'looking directly at the camera' or large scene changes. The mismatch gives the agent broad and inconsistent discretion over how the subject is represented.
Install Mechanism
note: There is no install spec (the skill is instruction-only), which reduces the attack surface because nothing is downloaded automatically. The included bash script is the only code; it calls the local helper scripts (upload.sh, generate-image.sh) and writes to a media_outputs path. Those helpers may perform network I/O or call external services, so audit them to learn the actual endpoints and behavior.
Credentials
note: The skill declares no required environment variables or credentials, which is proportionate to what it claims to do. However, the script uploads images through upload.sh and invokes generate-image.sh, and those helpers may require credentials or send images to third-party services. Because the skill itself neither declares nor requests such secrets, inspect the helper scripts or the runtime environment to confirm where the data goes and which credentials are used.
Persistence & Privilege
ok: The skill does not request persistent or always-on privileges and is not force-included. It does not modify other skills' configurations in the provided files.