Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Yu Product Image Generator

v1.0.0

AI Product Image Generator - multiple scheme selection, 12 languages, storyboard planning, and batch generation

MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
!
Purpose & Capability
The code matches the stated purpose (image analysis, scheme generation, image generation, packaging). However the repository contains hardcoded API keys and multiple external service endpoints (Nano Banana / Grsai, Volcengine, and a Feishu sender utility). The skill metadata declares no required env vars or credentials, which is inconsistent: a legitimate image-generation skill would normally declare the API key(s) it needs or instruct the user how to supply them.
!
Instruction Scope
SKILL.md describes a user-facing conversational flow and local image generation/packaging only. The actual code performs network calls to external generation endpoints (grsai.dakka.com.cn, grsaiapi.com, volces.com) and imports a utils/feishu_sender module (not referenced in SKILL.md). The SKILL.md does not disclose sending images/messages to third-party services, nor does it document use of the embedded API keys — mismatch between instructions and implementation.
Install Mechanism
There is no install spec — it's instruction+code only. No external archives or installer downloads are present in the manifest. That reduces installer risk; risk comes from runtime network calls and embedded credentials, not install-time behavior.
!
Credentials
The package includes multiple hardcoded credentials in config/settings.py and main.py (e.g. NANO_BANANA_API_KEY = "sk-6fe41fd...", VOLCENGINE_API_KEY = "eaf6834a-...") and the ImageAnalyzer also references DASHSCOPE_API_KEY via getenv. The skill metadata declares no required env vars or primary credential. Hardcoded keys are a security and provenance problem (could be leaked/abused) and the use of undeclared env vars is inconsistent with the metadata.
Persistence & Privilege
No elevated privileges or 'always: true' presence requested. The skill writes files to local output directories and /tmp, creates ZIP/HTML previews, and uses network calls, but it does not request persistent platform-wide privileges or alter other skills' configs.
What to consider before installing
Key issues to consider before installing or using this skill:
- Hardcoded API keys: The repo contains plain-text keys (NANO_BANANA_API_KEY and VOLCENGINE_API_KEY) and a DEFAULT_API_KEY set in main.py/config/settings.py. These are sensitive and should not be relied on — they may belong to someone else, may be revoked, or may leak your usage to a third party. Ask the author to remove hardcoded keys and require supplying keys via documented environment variables.
- Undeclared credentials and endpoints: The skill metadata declares no required env vars, yet the code reads/depends on credentials (NANO_BANANA_API_KEY, VOLCENGINE_API_KEY, DASHSCOPE_API_KEY) and talks to external endpoints (grsai.dakka.com.cn, grsaiapi.com, volces.com). Confirm which API keys are actually required and update the skill metadata accordingly before use.
- External posting behavior: The code imports utils/feishu_sender (a Feishu messaging utility). SKILL.md does not mention posting to Feishu or other external services. Inspect utils/feishu_sender.py to see whether it transmits images/data and whether it requires additional tokens. If you do not expect external sharing, disable or remove that behavior.
- Network I/O and data exfiltration risk: The skill sends image data (reference images are base64-encoded and included in payloads) to remote image-generation services. If your images contain sensitive content, be aware they will travel off-host. Run in a sandboxed environment if you must test.
- Remediation steps before use:
  (1) Ask the publisher to remove embedded secrets and document required env vars;
  (2) Require that API keys are provided by the user via env vars (and declare them in metadata);
  (3) Audit utils/feishu_sender.py and any other utils that perform outbound POSTs;
  (4) Run the skill in an isolated environment initially and monitor outbound network connections;
  (5) Rotate any leaked credentials if you find they are yours.
Given these mismatches (hardcoded keys, undeclared env vars, and undisclosed external messaging), treat the skill as suspicious until the author fixes credential handling and documents external endpoints and data flows.

Like a lobster shell, security has layers — review code before you run it.
