OpenAI Image CLI
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: openai-image-cli
Version: 1.0.0
The skill bundle is classified as suspicious primarily due to the `npm install -g @versatly/openai-image-cli` command found in `SKILL.md`. While this is a standard method for installing CLI tools, it represents a significant supply chain risk as it executes arbitrary code from an external npm package with global system permissions. This constitutes a risky capability without clear malicious intent within the provided instructions. There is no evidence of prompt injection attempts against the agent, data exfiltration, or other directly malicious instructions in the analyzed files.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill requires trusting the published npm package that provides the openai-image command.
The documented setup installs an external npm package globally without pinning a version. This is user-directed and central to the skill, but it means the installed executable comes from outside the reviewed artifact.
npm install -g @versatly/openai-image-cli
Install only if you trust the package and publisher; consider pinning a version and reviewing the linked package/repository before global installation.
The CLI can make billable OpenAI image requests using the configured key.
The CLI requires an OpenAI API key, either via environment variable or local config. This is expected for the stated purpose, but it grants access to the user's OpenAI account and billing.
export OPENAI_API_KEY=sk-...
openai-image config set api-key sk-...
Use an appropriate project-scoped API key, set account spending limits where possible, and avoid exposing the key in shared shells, logs, or chats.
Sensitive photos, images, or prompt text could be included in requests to OpenAI if the user chooses those inputs.
The skill supports editing local images and using additional reference images through an OpenAI image workflow. This is purpose-aligned, but user-provided files and prompts may be sent to the external provider.
openai-image edit <image> "instructions" [options]
--images <paths...>  Additional reference images (up to 16)
Do not submit private or regulated images/prompts unless you are comfortable with the provider handling them under its applicable policies.
Someone with access to the local environment may be able to view past generation history.
The CLI keeps local generation history by default. This persistence is disclosed and purpose-aligned, but it can retain records of image-generation activity until cleared.
History tracking: Enabled by default, view with `openai-image history`
Use `openai-image history --clear` when working with sensitive prompts or outputs, and check where the CLI stores history if privacy matters.
