Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Pollinations Image Generator
v1.0.0
Generate detailed images from text prompts using Pollinations.ai models with optional configuration, model selection, and advanced settings.
by @aprilox
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
Name/description match the included scripts: the code implements an image generator targeting Pollinations.ai. However the metadata declared no required binaries while the scripts clearly depend on common CLI tools (curl, file, stat/realpath, date, grep, sed, possibly python3). That mismatch is not dangerous on its own but is a coordination inconsistency the user should be aware of.
Instruction Scope
SKILL.md describes local use and an optional .env in the skill dir, but generate.sh reads environment files from SCRIPT_DIR/../.env and from $PWD/.env (broader than the documentation). The loader exports every key/value it finds and uses eval to check whether a variable is already set. Loading and eval-ing arbitrary .env content can pick up unrelated secrets from parent or current directories and creates a risk of accidental variable exposure or injection if those files are untrusted.
Install Mechanism
No install spec is present (instruction-only + shell scripts). No remote downloads or archive extraction occur. This is low risk compared to skills that fetch and run arbitrary code.
Credentials
Declared requirements list no credentials, which matches the API key being optional. But the script will load and export any key=value pairs found in ../.env and $PWD/.env, potentially pulling unrelated secrets into the process. It will also send POLLINATIONS_API_KEY as a Bearer header if present. Requesting no env variables is reasonable for an optional key, but the implicit reading of other .env files is disproportionate to the stated purpose.
Persistence & Privilege
The skill creates and writes its own files (.user.conf, .first-run-complete) and writes generated images to $HOME/.openclaw/workspace/outputs/pollinations-image. This is normal for a CLI tool and not over-privileged, but the hard-coded OUTPUT_DIR under $HOME/.openclaw is a persistent path you may want to review or change.
What to consider before installing
This skill appears to implement a Pollinations image generator and is readable, but exercise caution before installing:
1) The scripts load .env files from the skill parent directory and the current working directory. Move or audit any .env files that contain secrets so unrelated credentials aren't picked up.
2) The env loader uses eval to probe variables; untrusted .env contents could be risky. Inspect .env files before running.
3) The scripts assume common CLI tools (curl, file, stat/realpath, sed, grep; python3 optional) but the metadata didn't declare these. Ensure your environment provides them.
4) If you want to limit exposure, run the skill in an isolated directory or container, and don't keep sensitive keys in parent or current-directory .env files.
Reviewing the provided generate.sh and lib/models.sh (they are included) is a good first step; if you need lower risk, ask the maintainer to remove loading of ../.env and $PWD/.env or to explicitly document required binaries and environment behavior.
Like a lobster shell, security has layers — review code before you run it.
latest: vk972tcwjd6pnw7wsh81eaq7bw981j2bg
