Skill v0.1.9
ClawScan security
Banana Claws · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 14, 2026, 4:58 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files, instructions, and requested credential (OPENROUTER_API_KEY) are consistent with its stated purpose (OpenRouter text→image generation); only minor implementation inconsistencies and operational caveats were found.
- Guidance: This skill appears to do what it says: it enqueues image-generation jobs and calls OpenRouter using the OPENROUTER_API_KEY you supply. Before installing, verify: (1) you are comfortable giving your OpenRouter key to this skill and that you trust the OpenRouter provider; (2) you understand baseline images will be uploaded only when you pass --confirm-external-upload (do not confirm for sensitive local files); (3) the skill will create and use a local queue directory (generated/imagegen-queue) and may spawn background worker processes—inspect and manage those processes if you need to control runtime; (4) adjust the workspace-root option if your environment isn't /home/brad/.openclaw/workspace; and (5) consider harmonizing the desired default model (SKILL.md vs script defaults) to avoid unexpected provider/model choices.
Review Dimensions
- Purpose & Capability (ok): Name/description match the code and runtime instructions. The package contains local Python scripts that enqueue and run image-generation jobs and posts to OpenRouter. Required binary (python3) and the single required env var (OPENROUTER_API_KEY) are appropriate for this functionality.
- Instruction Scope (note): SKILL.md instructs using the included scripts, running preflight checks, queuing jobs, and draining a local queue. The instructions correctly warn that baseline images are transmitted only when confirm flags are set. Minor concerns: model defaults are inconsistent across docs and scripts (SKILL.md and enqueue scripts default to google/gemini-3.1-flash-image-preview while generate_image.py defaults to openai/gpt-5-image), and generate_image.py uses a hard-coded workspace-root default (/home/brad/.openclaw/workspace) which may not match the user's environment and affects baseline path validation.
- Install Mechanism (ok): No install spec is provided (instruction-only skill). Only dependency is the widely used 'requests' Python package, which the SKILL.md documents to install. No external downloads, URL-shorteners, or archive extraction are present in the manifest.
- Credentials (ok): Only one credential is required (OPENROUTER_API_KEY) and that matches the stated external provider. No other tokens, keys, or unrelated environment variables are requested. The scripts read this env var only to authenticate with OpenRouter as expected.
- Persistence & Privilege (note): always:false (normal). The skill spawns local background worker processes (via subprocess.Popen) and writes queue, processing, results, and handoff files under a local 'generated/imagegen-queue' directory; this is expected for a queue-first design but means the skill will create files and may leave background worker processes running. It does not modify other skills or global agent config.
