Skillv1.0.0

ClawScan security

Generate images using Runware API · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

SuspiciousFeb 15, 2026, 1:40 PM

Verdict: suspicious
Confidence: high
Model: gpt-5-mini
Summary: The skill is generally what it claims (a Runware image generator) but contains multiple inconsistencies between its metadata, runtime instructions, and code—especially around how the API key is provided and where outputs are saved—so review before installing or granting it autonomous execution.
Guidance: This skill appears to be a legitimate Runware image CLI, but there are several things to check before installing or allowing it to run autonomously: - RUNWARE_API_KEY is required at runtime but the registry metadata does not declare any required env vars. Provide the key securely (environment variable or secret manager) and do not store it in the repo. Verify the agent will not accidentally log or transmit the key elsewhere. - SKILL.md instructs agents to never ask for the API key and to execute the script immediately; the script will prompt for a key if missing. Decide whether you want the agent to run the CLI without clarifying questions—this could cause undesired generations. If unsure, disable autonomous invocation or require explicit user consent before running. - There are conflicting statements about default save location (SKILL.md says Downloads; README and code use default_output_dir ~/runware_images and the skill writes last_output_dir to skill-config.json). Confirm and, if desired, change the default output path in skill-config.json to a safe location, and be aware the script will persist last_output_dir by writing to the skill's config file. - The prompt safety check is simple string matching (e.g., blocks 'teen', '13', etc.). This is a basic filter and not a substitute for policy review—inspect validate_prompt if you need stricter or different behavior. - Review the code yourself (generate_image.py) to ensure there are no additional endpoints or telemetry, and run tests locally (pytest). The project has no external install URLs and uses common Python libs, which reduces supply-chain risk. If you are comfortable with an agent invoking a local script that will read a .env in the skill directory and write image files to disk, and you will provide RUNWARE_API_KEY via a secure mechanism, the inconsistencies appear to be sloppy documentation rather than malicious behavior. If you need autonomous generation to be tightly controlled, require explicit user approval before the skill executes or correct the metadata and SKILL.md so behavior matches exactly.

Review Dimensions

Purpose & Capability: concernThe repository contents (Python CLI script calling https://api.runware.ai/v1/tasks) match the stated purpose of generating images via Runware. However, the registry metadata declares no required environment variables or primary credential while the script clearly requires a RUNWARE_API_KEY. Several documentation claims conflict with the code (e.g., SKILL.md says images save to the user's Downloads folder by default, but the code defaults to a configurable default_output_dir and README refers to ~/runware_images). These mismatches are incoherent and should be clarified.
Instruction Scope: concernSKILL.md instructs the agent to 'Do NOT ask the user for the RUNWARE_API_KEY' and to 'Execute the script directly' without clarifying questions in most cases. The code, however, will prompt interactively for the API key if none is in the environment and enforces a prompt safety check that may abort generation (e.g., referencing teen/minor words). The instructions therefore overrule or contradict the script behavior and give the agent broad discretion to run the CLI immediately—this is risky and not fully consistent.
Install Mechanism: okThere is no install spec; this is essentially an instruction + included script bundle. Dependencies are minimal and declared in requirements.txt (requests, python-dotenv, pytest). No external downloads or obscure install URLs are used.
Credentials: concernThe skill requires a Runware API key at runtime (RUNWARE_API_KEY) but the registry metadata lists no required env vars or primary credential—this is an important mismatch. The code loads .env from the skill directory and will also prompt for the key if absent; tests include an integration test gated on RUNWARE_API_KEY. The skill therefore needs a secret to function, and the documentation/inventory should declare that explicitly.
Persistence & Privilege: noteThe skill does not request always:true and does not alter other skills. It does write to its own skill-config.json to persist last_output_dir and will create directories and write image files to the filesystem (default configurable path). This file-system persistence is expected for an image-saving CLI but note it will create and update files in the skill directory and create user output directories.