v1.0.0

Toonany

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 2:56 PM.

Analysis

Toonany mostly matches its stated AI video-production purpose, but critical static-scan hits indicate possible hardcoded API secrets that conflict with its own security claims.

Guidance: Before installing, review the flagged scripts for hardcoded API keys, confirm all credentials are loaded from environment variables or explicit local config, and use dedicated low-quota provider keys. Install dependencies in an isolated environment, avoid echoing secrets in terminals, and only process story content you are comfortable sending to the configured AI providers.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Human-Agent Trust Exploitation
Severity: Medium | Confidence: Medium | Status: Concern
CHANGELOG.md
- No hardcoded API tokens
- Environment variable support with `${ENV_VAR}` syntax
- No secrets in project files

The artifacts make an explicit safety claim about no hardcoded tokens, while the static scan reports multiple hardcoded-secret findings. That mismatch could cause users to over-trust the credential handling.

User impact: Users may assume credential handling is safer than the artifacts currently support.
Recommendation: Publisher should reconcile the security claim with the flagged code and document exactly where credentials are stored, loaded, and exported.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
requirements.txt
requests>=2.31.0
Pillow>=10.0.0
python-dotenv>=1.0.0

The Python dependencies use lower-bound version ranges rather than exact pinned versions. This is common and purpose-aligned, but it makes installs less reproducible.

User impact: Future installations could resolve to different dependency versions than the author tested.
Recommendation: Install in an isolated virtual environment and pin exact dependency versions or hashes if reproducibility matters.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: Medium | Status: Concern
scripts/generate_assets.py
Static scan: suspicious.exposed_secret_literal at scripts/generate_assets.py:338; Evidence: api_key=[REDACTED],

The static scan reports an apparent hardcoded API secret/token in a generation script, with similar findings in audio, storyboard-image, and video scripts. This is material because the skill requires sensitive provider API keys and otherwise documents environment-variable based credential use.

User impact: The skill may contain or use embedded provider credentials instead of only user-supplied keys, creating account, privacy, billing, and provenance risk.
Recommendation: Do not install until the flagged API-key literals are reviewed and removed or clearly explained. Prefer dedicated low-quota API keys and rotate any key that may have been copied into project files or scripts.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
prompts/onboarding/missing-api-key.md
echo $DEEPSEEK_API_KEY
echo $VOLC_API_KEY

The setup guide suggests printing API-key environment variables to verify configuration. This is user-directed setup, but displaying secrets in a terminal is avoidable exposure.

User impact: API keys could be visible in terminal output, screen recordings, shared sessions, or logs.
Recommendation: Verify keys without printing their values, for example by checking whether the variable is set rather than echoing the secret itself.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
SKILL.md
| text | deepseek, openai, anthropic, gemini | storyline, outline, script |
| image | volcengine, kling, gemini | asset images, storyboard images |
| video | kling, volcengine, vidu, gemini | video generation |
| audio | volcengine, aliyun, edge-tts | voiceover |

The skill is designed to send story, prompt, image, video, and audio generation requests to external AI providers. This is purpose-aligned and disclosed, but users should understand that creative content may leave the local environment.

User impact: Private novels, scripts, prompts, and generated assets may be processed by third-party services configured in the project.
Recommendation: Use the skill only with content you are willing to send to the selected providers, and review those providers' privacy, retention, and billing terms.