Skill v1.0.0

ClawScan security

My Generate Qr Code · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 2, 2026, 7:15 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code and instructions are consistent with a simple QR/barcode generator; it writes image files and may auto-install standard Python packages, but there are only minor implementation issues (no evidence of misdirection or unrelated privileges).
Guidance
This skill appears to do what it claims: generate and save QR images. Before installing or using it consider: (1) it will attempt to run pip at runtime to install 'qrcode' and 'pillow' from PyPI (network download and disk writes) — if you prefer, install those packages yourself ahead of time; (2) it will write files to the filesystem (default: Desktop) and will create directories if necessary — ensure the save path is trusted and writable; (3) there are minor implementation issues (it checks for 'pillow' via __import__('pillow') though Pillow is imported as PIL, and it claims to filter special characters / validate WiFi format but the code does not enforce these), so avoid feeding sensitive data until you review or test behaviour; (4) if you need stricter validation or want to avoid runtime package installs, review/modify the agent.py before use.

Review Dimensions

Purpose & Capability
ok: Name/description match the included agent.py and SKILL.md: the skill generates QR images, supports size/color, and saves to a path. It does not request unrelated credentials, binaries, or config paths.
Instruction Scope
note: SKILL.md instructs the agent to call generate_qr and to auto-install qrcode/Pillow if missing, and the code does perform these actions. However, SKILL.md mentions filtering special characters and WiFi-format validation; the provided code does not implement explicit content filtering or WiFi-format validation, so behavior for those edge cases is not implemented as claimed.
Install Mechanism
note: There is no external install spec, but agent.py will attempt to run pip at runtime (sys.executable -m pip install ...) to fetch qrcode and pillow from PyPI. These are standard packages (no custom URLs), but the runtime pip install performs network downloads and writes to disk. Also, the import check uses '__import__("pillow")' while Pillow is imported as 'PIL', which may trigger unnecessary pip installs.
Credentials
ok: The skill requests no credentials and no special env vars. It does read USERPROFILE to locate the Windows Desktop when save_path is omitted; that is reasonable for determining a default path but is undocumented in requires.env and could raise a KeyError on unusual environments.
Persistence & Privilege
ok: The skill is not always-enabled, does not persist agent-wide changes, and only writes image files to the filesystem (user-specified paths). It does not modify other skills or system settings.