Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Pixr Cli
v1.0.2
Drives the local pixr Gemini image CLI for generation, editing, variations, model selection, saved defaults, profile-based defaults, reference-image workflow...
by Dishant Sharma (@dishant0406)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description claim to drive a local 'pixr' CLI and manage ~/.pixr files, which matches the included instructions. However, the documentation (troubleshooting) tells the user to set PIXR_API_KEY to list models. That is a dependency on a sensitive credential, and it is not declared in the skill's metadata (requires.env is empty). The claimed requirements and the referenced runtime needs are therefore inconsistent.
Instruction Scope
SKILL.md explicitly instructs the agent to run local pixr commands, inspect and scaffold files under ~/.pixr (config.json, INSTRUCTION.md, STYLE.md, assets, profiles), and to use CLI flags and --json output for validation. Those actions are within the stated purpose. It also instructs exporting/using PIXR_API_KEY for model listing; reading/writing home-directory config is expected but the env var usage is not declared.
Install Mechanism
The skill is instruction-only with no install spec and no code files, so it does not add binaries or write code to disk. This minimal install surface reduces risk from supply-chain installs.
Credentials
No environment variables are declared, yet troubleshooting explicitly references PIXR_API_KEY (sensitive credential). The skill may access environment variables and home config files at runtime; requesting a single API key for the service is plausible, but it should be declared. The undeclared credential is a proportionality mismatch and a potential surprise for users.
Persistence & Privilege
The skill does not request 'always: true' and the agent metadata allows implicit invocation (allow_implicit_invocation: true). Autonomous invocation is platform-default and not flagged by itself, but note that the skill can be implicitly invoked. The skill does not modify other skills or system settings in the included materials.
What to consider before installing
This skill appears to be a thin instruction layer for running a local 'pixr' CLI and managing ~/.pixr files — that part is coherent. However, the docs instruct the user to set PIXR_API_KEY (a sensitive credential) even though the skill metadata declares no required env vars. Before installing or using: (1) verify the provenance of the 'pixr' CLI you will run (where it came from and its code), (2) confirm whether you must provide a PIXR_API_KEY and understand which service that key accesses, (3) avoid giving broad or high-privilege credentials — create a scoped/test key if possible, (4) be aware the skill will read and write files in your home directory (~/.pixr and legacy paths), so inspect those files for sensitive content, and (5) if you are uncomfortable with implicit invocation, restrict or review agent permissions for invoking this skill. If you need higher assurance, request the actual pixr binary source or an install spec from the publisher before granting access.
Like a lobster shell, security has layers — review code before you run it.
latest vk9737w4wb6be7qg9zcj0nb6tf184r8sx
