Skill v1.2.5
ClawScan security
Image generation, editing and remove background · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 11, 2026, 10:12 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill appears to do what it says (call Bria.ai image APIs) but there are metadata inconsistencies and privacy/credential handling details you should confirm before installing.
- Guidance
- This skill is largely coherent with its stated purpose (calling Bria.ai image APIs), but check these things before installing: 1) Confirm and set BRIA_API_KEY — SKILL.md and examples require it though top-level metadata omitted it. 2) Be aware that any local images or image URLs you pass will be uploaded to Bria's service (engine.prod.bria-api.com); do not upload sensitive or private photos. 3) Treat the API key like a secret — it will be sent to a third-party domain via the api_token header. 4) Review the included example code locally if you plan to run it (it downloads remote images, base64-encodes local files, and polls status endpoints). 5) If you have concerns about data residency or privacy, test with non-sensitive images and a throwaway API key, and verify the vendor (https://bria.ai) and their privacy/terms before using it with production data.
Review Dimensions
- Purpose & Capability
- note: The name/description match the included instructions and code examples: all network calls target Bria.ai image endpoints (generation, edit, RMBG, etc.). The included Python/TS/SH clients implement the documented API calls and headers. However, the registry metadata at the top of the package lists no required env vars while SKILL.md and the code examples clearly require BRIA_API_KEY; this mismatch is unexpected and should be clarified.
- Instruction Scope
- note: SKILL.md instructs the agent to check for and require the BRIA_API_KEY before proceeding and documents curl usage for many endpoints. The examples also instruct the client to read local image files, base64-encode them, and/or download remote image URLs and then send them to the external API. That behavior is coherent with the skill purpose but has privacy implications (local images and any image URLs will be uploaded to engine.prod.bria-api.com). There are no instructions to read unrelated system files or other credentials.
- Install Mechanism
- ok: This is an instruction-only skill with no install spec; risk from installation is low. The repository only contains example client code and docs, not an installer pulling arbitrary binaries or archives.
- Credentials
- concern: Only a single API credential (BRIA_API_KEY) is needed and this is appropriate for the described API. However, the top-level registry metadata claims no required env vars while SKILL.md declares BRIA_API_KEY in its metadata and all code examples use it; the inconsistency could mislead users into deploying without setting a key or expecting the skill to work without credentials. Also be aware that the API key is sent in an 'api_token' header to a third-party domain, so treat it like any external-service secret.
- Persistence & Privilege
- ok: The skill does not request always:true and is user-invocable; it does not request system-wide configuration changes. Example clients read local files only when provided and do not persist or modify other skills' configs.
