Skill v1.0.1
ClawScan security
ime_message_skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review · Mar 14, 2026, 8:39 AM
- Verdict: Review
- Confidence: high
- Model: gpt-5-mini
- Summary: Functionally coherent: the skill rewrites ASR-produced text by calling a remote model service, but the package metadata omits the required IME_MODEL_API_KEY and the skill will send user text to an external endpoint (https://models.audiozen.cn); verify the endpoint and privacy before use.
- Guidance: This skill is internally consistent in function — it rewrites text by calling a remote model — but it will send user-provided message text to an external service (default https://models.audiozen.cn) and requires an API token (IME_MODEL_API_KEY) even though the registry metadata doesn't declare it. Before installing:
  1. Verify you trust the endpoint and the operator of models.audiozen.cn; decide whether sending potentially sensitive chat content to that service is acceptable.
  2. Provide the API token via environment variables (do not hard-code it in the package).
  3. Review scripts/rewrite_client.py (it will include the full raw model response if run with --json and returns response.model_dump() in JSON) to ensure no unexpected logging or storage.
  4. If privacy is a concern, consider running a locally hosted/enterprise model or an allowed endpoint, and set IME_MODEL_BASE_URL accordingly.
  5. Note the metadata mismatch (required env var not declared) — make sure deployment automation sets IME_MODEL_API_KEY or the skill will fail.
Review Dimensions
- Purpose & Capability (note): Name/description match the implementation: the skill rewrites already-recognized spoken text into sendable IM messages and uses a remote LLM for that. However, the package registry metadata lists no required env vars while the SKILL.md and scripts require IME_MODEL_API_KEY (and allow IME_MODEL_BASE_URL/IME_MODEL_NAME). This metadata omission is an inconsistency that could mislead integrators.
- Instruction Scope (ok): SKILL.md and scripts confine behavior to taking input text, optionally adding a translation instruction, calling the configured model endpoint, and returning the rewritten text. There are no instructions to read unrelated files, shell-history, or other system secrets. The skill explicitly warns not to accept audio/ASR work itself.
- Install Mechanism (ok): No install specification (instruction-only plus a small helper script) — no archives or remote installers. The only runtime dependency is the openai Python package used by scripts/rewrite_client.py, which is noted in the script.
- Credentials (note): The script requires one API credential (IME_MODEL_API_KEY) plus optional IME_MODEL_BASE_URL/IME_MODEL_NAME/TEMPERATURE/TIMEOUT — reasonable for a remote-model integration. The registry metadata, however, does not declare any required env vars or primary credential, which is a mismatch and may cause integrators to miss that they must supply a token. The default base URL (models.audiozen.cn) is a third-party endpoint; confirm you trust it before sending user content.
- Persistence & Privilege (ok): The skill does not request permanent/always-on status, does not modify other skills or global agent config, and does not persist credentials in the package. There is no installation step that writes to system paths.
