Skill v1.0.2

ClawScan security

intelligent-extension · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 27, 2026, 3:57 AM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's instructions match its stated purpose (calling Flyelep's image-extension HTTP API); no install or unrelated credentials are requested, but it will send user images/URLs to an external service and the SKILL metadata omits declaring the runtime API key (which must be provided by the user).
Guidance
This skill appears to do what it says: call Flyelep's HTTP API to extend images. Before installing or using it, consider: (1) Privacy — the skill sends image URLs to an external service (https://www.flyelep.cn). Do not submit images containing private or sensitive data unless you trust the service and its policies. (2) API key handling — the SKILL.md requires a 'secretKey' header at runtime but the skill metadata does not declare a stored credential; supply the key dynamically and do not embed it in skill files. (3) Local files — if your images are not already hosted at public URLs, decide how you'll upload them to a reachable URL before invoking the skill (the instructions don’t cover this). (4) Test carefully using non-sensitive images first, and verify Flyelep's terms/privacy policy and that responses are as expected. If you need the agent to operate autonomously, be aware it could call this API without further prompts — consider restricting autonomous invocation or monitoring requests.

Review Dimensions

Purpose & Capability
ok
The name/description and SKILL.md consistently describe calling Flyelep's intelligentExtension HTTP API to extend images and adjust aspect ratios. Nothing in the instructions requires unrelated services or system-level access. The file correctly documents the API endpoint, expected request/response, and that a secretKey header must be supplied at runtime.
Instruction Scope
note
The instructions are narrowly scoped to collecting image URLs, the target ratio, and POSTing to the Flyelep endpoint. They explicitly tell the agent not to persist the secretKey. Important operational gaps: (1) the skill assumes images are available via public URLs; it gives no guidance for handling local files (uploading them to a reachable URL); (2) it will send image data (via URLs) to an external domain (flyelep.cn), which inherently carries data-exfiltration/privacy risk if images contain sensitive information.
Install Mechanism
ok
Instruction-only skill with no install spec and no code files: the lowest-risk install profile (no code written to disk).
Credentials
note
The SKILL.md requires a runtime 'secretKey' in the HTTP header, but the registry metadata lists no required environment variables or primary credential. This is not necessarily malicious (the author advises providing the key dynamically and not embedding it), but there is a minor metadata mismatch: the skill does require a credential at runtime even though none is declared in the skill metadata.
Persistence & Privilege
ok
The skill's 'always' flag is false, and the skill does not request persistent or system-wide privileges. It does not ask to modify other skills or agent configuration.