Back to skill
Skillv0.0.4
ClawScan security
image-understanding · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 2, 2026, 1:06 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requests and runtime instructions match its stated purpose (connecting to ZhipuAI's GLM-4.6V multimodal API) and nothing in the SKILL.md appears to require unrelated privileges or data access.
- Guidance
- This skill appears coherent for integrating ZhipuAI's GLM-4.6V model, but take normal precautions: only provide a ZHIPUAI_API_KEY you trust and avoid pasting it into chats; run initial tests in a sandbox; redact or mask sensitive parts of images before sending; verify the 'zhipuai' Python package on PyPI (watch for typosquatting), pin a specific version (e.g., zhipuai==2.1.x), and review its release/source repository. If you cannot verify the SDK or you handle highly sensitive images, consider using an alternative workflow or isolated environment.
Review Dimensions
- Purpose & Capability
- okName/description (GLM-4.6V multimodal image understanding) align with the declared requirements: an API key for ZhipuAI and the zhipuai Python SDK. Requiring ZHIPUAI_API_KEY and the zhipuai package is proportionate for this integration.
- Instruction Scope
- okSKILL.md contains usage examples that only send image data and text to the GLM model and recommends credential handling and data redaction. It does not instruct reading unrelated system files, other env vars, or transmitting data to unexpected endpoints; external endpoints referenced are the documented bigmodel.cn resources.
- Install Mechanism
- noteThe registry bundle has no formal install spec, but SKILL.md recommends 'pip install zhipuai' and lists zhipuai>=2.1.0. Installing the SDK via pip is expected for this skill but carries normal supply-chain risk (package install scripts). Verify the package source and pin versions before installing.
- Credentials
- okOnly one environment credential is required (ZHIPUAI_API_KEY), which is appropriate for a hosted-model integration. No unrelated credentials or config paths are requested.
- Persistence & Privilege
- okSkill is instruction-only, always:false, and does not request persistent system-wide privileges or modifications to other skills; autonomous invocation is allowed (platform default) but not elevated by the skill.