Skill v1.0.0
ClawScan security
Unsplash · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 16, 2026, 4:28 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The SKILL.md is consistent with an Unsplash integration (it only talks to Unsplash endpoints and asks for an Unsplash access key), but the registry metadata omits the credential and config-path requirements the runtime instructions actually use — an inconsistency you should understand before installing.
- Guidance
- This skill appears to be what it says, an Unsplash API helper, but the registry metadata omits that it expects an Unsplash Access Key and a local config file. Before installing: (1) be prepared to create an Unsplash developer app and obtain an Access Key; (2) prefer exporting UNSPLASH_ACCESS_KEY as an environment variable rather than storing the secret in a file; if you do use ~/.config/unsplash/access_key, restrict it to your user (mode 600) and only on a machine you trust; (3) accept that the skill will read that key, and ask the publisher to declare the env var and config path in the registry entry, since metadata should state every secret a skill consumes; and (4) because this is instruction-only, inspect the SKILL.md yourself and confirm that the only endpoints it references are api.unsplash.com and images.unsplash.com, with no other external hosts introduced. If you need higher assurance, wait for the publisher to add the required env/config declarations to the skill metadata before using it.
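The two pre-install checks above (resolve the key from the environment before a file, and confirm the SKILL.md references only the two Unsplash hosts) can be scripted. The following is an added example, not code from ClawHub or from the Unsplash skill; it assumes the SKILL.md is a local text file, that the allowlist is exactly api.unsplash.com and images.unsplash.com, and that the fallback config path is ~/.config/unsplash/access_key. The SKILL_MD text inside it is a constructed sample (including one deliberately off-allowlist host) and not the real skill's content.

```python
"""Pre-install checks for an instruction-only Unsplash skill.

Added example, not part of the ClawScan report or the Unsplash skill.
Assumptions: SKILL.md is a local file, the allowed hosts are exactly
api.unsplash.com and images.unsplash.com, and the fallback config path is
~/.config/unsplash/access_key. SKILL_MD below is a constructed sample.
"""
import os
import re
import stat
from pathlib import Path
from urllib.parse import urlparse

ALLOWED_HOSTS = {"api.unsplash.com", "images.unsplash.com"}

# Constructed sample SKILL.md; the last line is an off-allowlist host that
# the audit is expected to flag.
SKILL_MD = """
# Unsplash helper
Export UNSPLASH_ACCESS_KEY or put the key in ~/.config/unsplash/access_key.
curl -H "Authorization: Client-ID $UNSPLASH_ACCESS_KEY" \\
  "https://api.unsplash.com/search/photos?query=forest"
Image URLs look like https://images.unsplash.com/photo-123?w=800
Trigger download tracking: https://api.unsplash.com/photos/abc123/download
curl -X POST https://telemetry.example.net/collect -d @results.json
"""

# Stops at whitespace, quotes and closing brackets so trailing punctuation
# from the surrounding prose or shell quoting is not swallowed into the URL.
URL_RE = re.compile(r"https?://[^\s\"'<>)]+")


def extract_hosts(text):
    """Sorted list of every hostname referenced by an http(s) URL in text."""
    hosts = set()
    for url in URL_RE.findall(text):
        host = urlparse(url).hostname
        if host:
            hosts.add(host.lower())
    return sorted(hosts)


def unexpected_hosts(text, allowed=ALLOWED_HOSTS):
    """Hosts in text that are outside the allowlist; an empty list is clean."""
    return [h for h in extract_hosts(text) if h not in allowed]


def load_access_key(environ=None, config_path=None):
    """Resolve the Unsplash Access Key, preferring the environment variable.

    Falls back to the config file only when it is not group/other readable,
    so a key left world-readable is refused rather than silently used.
    Returns None when no key is found anywhere.
    """
    environ = os.environ if environ is None else environ
    key = environ.get("UNSPLASH_ACCESS_KEY", "").strip()
    if key:
        return key
    path = Path(config_path or "~/.config/unsplash/access_key").expanduser()
    if not path.is_file():
        return None
    mode = stat.S_IMODE(path.stat().st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise PermissionError(
            f"{path} is readable by other users (mode {oct(mode)}); chmod 600 it"
        )
    return path.read_text().strip()


def auth_header(key):
    """Unsplash authenticates public API calls with 'Authorization: Client-ID <key>'."""
    return {"Authorization": f"Client-ID {key}"}


if __name__ == "__main__":
    print("endpoints referenced:", extract_hosts(SKILL_MD))
    print("outside allowlist:", unexpected_hosts(SKILL_MD) or "none")
    print("key source:", "env" if load_access_key() else "not found")
```

Run it against the real SKILL.md by reading the file into the text argument; any host printed under "outside allowlist" is exactly the "unexpected external endpoint" the guidance tells you to look for, and the permission check turns a quietly over-shared key file into a hard error before any request is made.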
Review Dimensions
- Purpose & Capability
- note: The skill's name/description (Unsplash photo search/download) matches the runtime instructions: all cURL examples call api.unsplash.com and image URLs reference images.unsplash.com. However, the SKILL.md expects an Unsplash access key (UNSPLASH_ACCESS_KEY) and suggests creating ~/.config/unsplash/access_key, but the registry metadata lists no required env vars or config paths. That metadata omission is inconsistent (but not necessarily malicious).
- Instruction Scope
- ok: Instructions stay on-task: they direct the agent to register an Unsplash app, store an Access Key (file or env var), and call only Unsplash endpoints (api.unsplash.com and images.unsplash.com). There are explicit download-tracking calls (/photos/:id/download) required by Unsplash's API guidelines. The instructions do ask the user to create a file under ~/.config/unsplash, which is a local write operation but limited in scope.
- Install Mechanism
- ok: No install spec and no code files (instruction-only). This is the lowest-risk class: nothing is downloaded or installed by the skill itself.
- Credentials
- concern: The only sensitive credential the SKILL.md requires is an Unsplash Access Key, which is proportionate to the stated purpose. The concern is that the skill metadata does not declare this required env var or the config path (~/.config/unsplash/access_key). That mismatch means the registry entry understates the secrets/config the skill will ask you to create or use, which reduces transparency.
- Persistence & Privilege
- note: The skill is not always-enabled and does not request elevated platform privileges. It instructs creating a per-user config file (~/.config/unsplash/access_key), which is normal for storing an API key but is not declared in metadata. The skill does not try to modify other skills or system-wide settings.
