Skill v1.1.0

ClawScan security

NEXUS Image Analysis · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign (Apr 9, 2026, 5:11 PM)

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's requirements and runtime instructions are internally consistent with an image-analysis-for-pay service, but the mandatory payment environment variable and external payment flow deserve user caution.
Guidance
This skill is coherent: it calls a third-party image-analysis API that charges per request. Before installing, verify you trust the external host (https://ai-service-hub-15.emergent.host), confirm pricing ($0.35/request) is acceptable, and prefer testing with the sandbox mode (use X-Payment-Proof: sandbox_test) rather than putting a real payment credential into NEXUS_PAYMENT_PROOF globally. Treat NEXUS_PAYMENT_PROOF as a payment credential (not a general secret) and avoid putting high-value keys or reusable tokens in that env var. If you must provide a real payment proof, scope it narrowly and monitor usage. If you need stronger guarantees about data retention or privacy, request the provider's documentation or run initial tests with non-sensitive inputs.

Review Dimensions

Purpose & Capability
[note] The skill advertises image analysis and only requests a single payment-related env var (NEXUS_PAYMENT_PROOF), which aligns with a pay-to-use API. Minor mismatch: SKILL.md documents a free sandbox mode ('sandbox_test') and multiple payment flows, so declaring NEXUS_PAYMENT_PROOF as a required env var is unnecessary and over-constraining but not fundamentally incoherent.

Instruction Scope
[ok] Runtime instructions are narrowly scoped: they instruct the agent to call a single external HTTP API (https://ai-service-hub-15.emergent.host) and follow documented payment flows (x402 / MPP / legacy header). The skill does not instruct access to filesystem, shell, or unrelated credentials. Note: using the skill will send the user's input data to a third-party host and may include payment proof headers.

Install Mechanism
[ok] No install spec and no code files are provided (instruction-only), so nothing is written to disk or installed. This is the lowest-risk install model and matches the documented behavior.

Credentials
[note] Only NEXUS_PAYMENT_PROOF is requested as a required credential, which is appropriate for a paid API. However, making it mandatory in the registry is disproportionate given the skill documents a sandbox/test header and multiple payment flows; a payment credential should be optional. Also, payment-related secrets deserve higher scrutiny because they enable requests that incur cost or authorize payments; ensure the value/privileges of the env value are limited.

Persistence & Privilege
[ok] The skill does not request permanent presence (always:false), does not modify other skills or system settings, and does not require filesystem or shell access. It can be invoked autonomously by the agent (default), which is normal for skills.