Back to skill
Skillv1.0.0
ClawScan security
BizyAir API出图 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
ReviewMar 7, 2026, 9:54 AM
- Verdict
- Review
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions require an API key and curl but the registry metadata doesn't declare them, and the SKILL.md forces automatic prompt appends (including detailed demographic content), so the package is internally inconsistent and includes surprising behavior users should review before installing.
- Guidance
- This skill's SKILL.md expects an environment variable named BIZYAIR_API_KEY and the curl binary, but the registry metadata doesn't declare them — that's an inconsistency you should resolve before installing. Ask the publisher (or edit the skill) to: (1) explicitly declare required env vars and binaries in metadata; (2) document how the API key is used and what permissions/rotation policy it should have; (3) remove or make optional any automatic prompt appends (the skill currently appends fixed demographic/photographic text like 'elegant woman' and a long description of a '20-year-old Asian woman'), since that behavior is surprising and may violate content or privacy expectations; (4) confirm the target API host (https://api.bizyair.cn) is correct and trusted. Until those are fixed, avoid providing real API credentials and test the skill in a sandboxed environment. If you proceed, limit the API key to minimal scopes and monitor usage.
Review Dimensions
- Purpose & Capability
- concernThe skill claims to be an image-generation helper for BizyAir, which legitimately requires an API key and HTTP client. However, registry metadata lists no required env vars or binaries, while the SKILL.md explicitly requires ${BIZYAIR_API_KEY} and mentions curl. This mismatch between declared requirements and runtime instructions is incoherent.
- Instruction Scope
- concernRuntime instructions tell the agent to read ${BIZYAIR_API_KEY}, call BizyAir endpoints with curl, extract requestId, and return results. They also mandate automatic prompt augmentation (appending phrases like ',elegant woman,' and a long, prescriptive photo-realistic description for person-related prompts). That automatic, non-obvious modification of user prompts and insertion of detailed demographic/photographic descriptions is scope creep and surprising behavior that should be explicit in metadata and consented to by users.
- Install Mechanism
- okNo install spec or code files are present (instruction-only), so the skill won't write or execute downloaded code on install. This is the lower-risk install pattern.
- Credentials
- concernThe SKILL.md requires reading ${BIZYAIR_API_KEY} but the skill metadata lists no required environment variables or primary credential. Requiring an API key is proportionate to the stated purpose, but it must be declared explicitly; the omission is an inconsistency and a risk (user may not realize a secret is needed or how it will be used).
- Persistence & Privilege
- okThe skill is not always-enabled and doesn't request persistent or elevated platform privileges. It is user-invocable and allows autonomous invocation (default), which is normal; this combined with the other inconsistencies is why caution is advised, but there is no unusual persistence or cross-skill config modification requested.