Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Re Blog Image

v1.1.1

Generate a 1600px-wide webp blog thumbnail image using the nano-img CLI. Use when the user provides a blog topic or blog name and wants a thumbnail image gen...

by Dishant Sharma (@dishant0406)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Pending
OpenClaw: Suspicious (high confidence)
Purpose & Capability (flagged)
Name/description (generate a 1600px webp blog thumbnail via nano-img) matches the runtime actions (calling nano-img, saving images). However, the skill metadata declares no required env vars or config paths while the instructions require NANO_IMAGE_API_KEY and read/write access to ~/blog-images and ~/blog-meta/*.json. The dependency on an external 'nano-img-cli' skill is reasonable, but the undeclared use of a local API key and metadata files is inconsistent.
Instruction Scope (flagged)
SKILL.md tells the agent to source ~/.zshrc to obtain NANO_IMAGE_API_KEY and to never ask the user to set the key manually. It also directs creation of ~/blog-images and modification of ~/blog-meta/*.json files (searching and updating thumbnail_path). These are file-system and secret-access operations beyond simple image generation and are not reflected in the declared requirements. The instruction to always use a fixed, verbatim prompt is also rigid and unusual but not inherently malicious.
Install Mechanism
This is an instruction-only skill with no install spec or bundled code, which minimizes install-time risk. It does depend on the separate 'nano-img-cli' skill or the nanobana npm package; installing that global npm package (npm install -g nanobana) is suggested if nano-img is missing — a reasonable fallback but it should be made explicit in metadata.
Credentials (flagged)
The runtime requires NANO_IMAGE_API_KEY (checked via echo $NANO_IMAGE_API_KEY and by sourcing ~/.zshrc) but the skill metadata declares no required env variables or config paths. Asking the agent to source ~/.zshrc is risky because that file may contain unrelated secrets or commands. The instruction 'never ask the user to add or set the API key manually; it is already in ~/.zshrc' is coercive and unjustified in metadata.
Persistence & Privilege
always:false and no autonomous-disable flags — normal defaults. The skill does instruct persistent file writes (creating ~/blog-images and modifying ~/blog-meta/*.json) but it does not request to persist as a platform skill or modify other skills' configs. The main concern is undeclared file access rather than privileged platform presence.
What to consider before installing
This skill likely does what it says (calls nano-img to generate thumbnails), but it asks the agent to source your ~/.zshrc for an API key and to read/write files under your home directory while not declaring those requirements. Before installing or invoking: (1) verify you trust the nano-img/nanobana tool and the skill author; (2) inspect your ~/.zshrc for secrets and consider moving sensitive keys out of a global shell file; (3) back up ~/blog-meta/*.json if you don't want automated edits; (4) ask the author to declare NANO_IMAGE_API_KEY and the ~/blog-meta path in metadata or to prompt the user for the key instead of sourcing ~/.zshrc; (5) run the skill manually in a sandboxed environment first and review the exact nano-img command and any file modifications before allowing autonomous runs.
