pick your
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The main collage script is local and simple, but the package also includes an undisclosed Cloudflare image-generation script with a hardcoded token and unsafe shell execution.
Use caution before installing. The documented collage script appears local, but the package contains an extra Cloudflare image-generation script with embedded credentials and unsafe command construction. Do not run generate_image.py unless it is fixed, the token is removed or rotated, and you understand what data will be sent externally.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running or sharing this skill could use or expose a Cloudflare account token that the user did not provide or approve.
The script embeds a Cloudflare account identifier and bearer token even though the skill metadata declares no primary credential or required environment variables.
ACCOUNT_ID = "1e89d3...b7a52" TOKEN = "aCTA2Ka...18Bk"
Remove the hardcoded token, rotate it, declare any required credential explicitly, and require users to provide a narrowly scoped token through an environment variable or approved credential flow.
If the helper script is invoked with a malicious or accidental prompt, it could run unintended local commands with the agent's permissions.
A user-controlled prompt is interpolated into a shell command that is executed with shell=True; a crafted prompt containing shell metacharacters could break out of the quoted JSON payload.
parser.add_argument('prompt', help='Image description/prompt') ... -d '{json.dumps({"prompt": prompt})}' > /tmp/cf_response.json ... subprocess.run(cmd, shell=True)Avoid shell=True; call the API with a safe HTTP library or subprocess argument list, validate inputs, and avoid constructing shell commands from prompts.
A user's prompt may be transmitted to an external provider unexpectedly if the helper script is used.
The included helper sends the user's image prompt to Cloudflare Workers AI, but SKILL.md describes only local collage generation and does not disclose this external data flow.
curl -s -X POST "https://api.cloudflare.com/client/v4/accounts/{ACCOUNT_ID}/ai/run/{MODEL}" ... -d '{json.dumps({"prompt": prompt})}'Disclose the Cloudflare API call clearly, ask for user approval before sending prompts externally, and document what data is sent and under which account.