Skill v1.0.0

ClawScan security

Baby Photo Book · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 23, 2026, 6:46 AM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's code and instructions match its stated purpose (generating print-ready baby photo books from a folder of photos) and request no credentials or unusual system access, but the main script was truncated in the provided bundle so a full review is recommended before running.
Guidance
This skill appears to do what it claims: local photo processing and PDF generation with no external credentials. Before installing or running it, do the following: (1) open and review the remainder of scripts/generate_photo_book.py (the supplied file was truncated) and confirm there are no network calls (requests, urllib, socket), subprocess/os.system usage that executes external commands, or code that reads files outside the provided photo_folder. (2) Search the script for suspicious tokens (http://, https://, base64, eval, exec, importlib, subprocess, socket). (3) Run the script in a sandbox or on a disposable VM with non-sensitive photos first. (4) If you will install dependencies via pip, prefer a virtualenv to avoid polluting system packages. If you want, paste the rest of generate_photo_book.py and I will re-check the remaining lines for any hidden or unexpected behavior.

Review Dimensions

Purpose & Capability
ok · Name, description, SKILL.md usage, listed dependencies (Pillow, ReportLab) and the included Python script all align with a local photo-to-PDF book generator. There are no declared env vars, binaries, or config paths that don't belong to this purpose.
Instruction Scope
note · SKILL.md only instructs running the local Python script against a photo folder and supplying baby name/birth date. The visible part of the script operates on local image files, reads EXIF (to infer dates), arranges layouts, and writes a PDF. This is within scope. Note: the provided generate_photo_book.py was truncated in the manifest; you should confirm the remainder does not perform unrelated actions (network calls, reading unrelated system files, or transmitting data).
Install Mechanism
ok · No install spec is present; the skill is instruction-only with a Python script. Dependencies are standard Python libraries (Pillow, ReportLab) and are installed via pip per the README. No downloads from unknown hosts or archive extraction is specified.
Credentials
ok · The skill requires no environment variables or credentials. The script accesses local photo files and attempts to register local fonts from well-known OS font paths; these are appropriate for generating localized PDFs and do not require secrets.
Persistence & Privilege
ok · always is false and model invocation is normal. The skill does not request persistent agent-level privileges or write to other skills' configuration. Running the script writes an output PDF (expected) but does not request elevated system changes in the visible code.