Skill v1.0.0

ClawScan security

bizyair-video · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious
Mar 18, 2026, 1:45 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill appears to implement BizyAir async video APIs and needs a BizyAir API key (BIZYAIR_API_KEY), but there are several packaging/information inconsistencies (missing declared env var, mixed/renamed files, odd local permission file) that warrant caution before installing.
Guidance
What to consider before installing:
- The skill will need your BizyAir API key (BIZYAIR_API_KEY) to function; only provide that if you trust api.bizyair.cn and the skill author. The registry metadata not listing this required env var is an inconsistency — ask the publisher to correct it or verify before providing secrets.
- The files are plain Bash scripts that call https://api.bizyair.cn and optionally show storage.bizyair.cn URLs; review the scripts locally (they are included) to confirm behavior. They do not appear to contact other endpoints or exfiltrate arbitrary files.
- Packaging is sloppy: some files/metadata reference a different skill name (bozo-jiaodu) and README text, and the .claude settings file contains an absolute path from a developer machine. These are signs the repo was repurposed and should be double-checked.
- If you decide to use it: run the scripts in an isolated environment first (or with a least-privileged API key), inspect outputs, and avoid reusing sensitive production keys until you verify the provider and the skill.
- If you need higher assurance, ask the publisher to: (1) update registry metadata to declare BIZYAIR_API_KEY as required, (2) remove or explain the .claude/settings.local.json entry and absolute paths, and (3) confirm the canonical skill name and provenance.

Review Dimensions

Purpose & Capability
note
The declared purpose (BizyAir async video generation) matches the scripts and runtime instructions: they call https://api.bizyair.cn endpoints with model/web_app_id mappings. However, the registry metadata claims no required env vars while the SKILL.md and all scripts require BIZYAIR_API_KEY. Several files reference a different skill name (bozo-jiaodu) and README content that appears reused — these naming mismatches suggest sloppy repackaging.
Instruction Scope
ok
SKILL.md and the shell scripts only instruct the agent (or user) to build JSON payloads and call BizyAir endpoints using curl, then parse and display the responses. The instructions do not direct the agent to read unrelated system files, upload data to unexpected domains, or exfiltrate arbitrary files beyond passing user-provided image URLs and the API key to api.bizyair.cn.
Install Mechanism
ok
There is no external install step or downloaded code: the skill is instruction-plus-included shell scripts. That lowers risk compared with an installer that fetches arbitrary code. The scripts are plain Bash and will run locally if invoked.
Credentials
concern
The skill legitimately needs a single API secret (BIZYAIR_API_KEY) to call the provider; that is proportionate. But the package metadata does not declare required environment variables (it lists none) while SKILL.md and every script explicitly require BIZYAIR_API_KEY — an incoherence that should be resolved. No other unrelated credentials are requested.
Persistence & Privilege
note
The skill does not request always:true and will not auto-enable itself. One odd file (.claude/settings.local.json) contains an allow rule with an absolute chmod command path referencing /Volumes/AI/… which appears to be a developer-local permission snippet — it's not itself a system privilege escalation, but it is out-of-place and may leak packaging-specific local paths.