Skill v1.0.2
ClawScan security
Nano Banana 2 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 13, 2026, 3:33 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent with its stated purpose: it only needs curl and a POYO_API_KEY and its instructions and script submit jobs to the documented PoYo API endpoints.
- Guidance: This skill will send prompts and image URLs to PoYo's API and requires your POYO_API_KEY. Only install if you trust poyo.ai and are comfortable providing that API key. Do not supply sensitive images as publicly-hosted URLs (the skill assumes you upload images to reachable URLs). The provided shell script reads POYO_API_KEY from the environment if you don't pass it explicitly. Confirm billing, rate limits, and the official endpoint (https://api.poyo.ai) before use, and revoke the API key if you suspect it has been exposed. If you do not want the agent to call this skill autonomously, disable or restrict the skill in your agent settings.
Review Dimensions
- Purpose & Capability (ok): Name/description match the requested resources: the skill submits image-generation/edit jobs to https://api.poyo.ai/api/generate/submit. Required binary (curl) and required env var (POYO_API_KEY) are appropriate and expected for this purpose.
- Instruction Scope (ok): SKILL.md and the included docs direct the agent to construct JSON payloads, upload local images to reachable URLs, submit them to PoYo, and poll for task status. There are no instructions to read unrelated files or environment variables, nor to exfiltrate data to unexpected endpoints.
- Install Mechanism (ok): No install spec — instruction-only with a small helper shell script. Nothing is downloaded or written to disk by an install step, minimizing risk.
- Credentials (ok): Only POYO_API_KEY is required and declared as the primary credential. That is proportional for an API client. The script accepts the key via env or explicit argument and does not request additional unrelated secrets.
- Persistence & Privilege (ok): The skill is not always-enabled and does not request elevated or persistent system privileges. It does not modify other skill configurations or system-wide settings.
