Skill v1.0.0

ClawScan security

imgtohtml · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 9, 2026, 8:09 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is an instruction-only converter that asks the agent to analyze images and output HTML/CSS; its requirements and instructions are consistent with that purpose and it does not request credentials or installs.
Guidance
This skill appears coherent and doesn't ask for credentials or install code. Before using it, avoid uploading screenshots that contain sensitive data (passwords, API keys, patient/customer data, or proprietary UI with secrets) because the agent will process and include image content in generated files. Ask the platform how image uploads are handled (stored, shared, or sent to external services) if you need stronger privacy guarantees. If you require exact fonts or 3rd-party assets, verify whether the agent will reference external CDNs (e.g., Google Fonts) and whether that network access is acceptable for your data. Otherwise the skill is reasonable to use.

Review Dimensions

Purpose & Capability
ok: Name/description (image-to-HTML conversion) align with the SKILL.md. No unexpected binaries, env vars, or config paths are required and nothing in the metadata asks for unrelated capabilities.
Instruction Scope
ok: The runtime instructions are narrowly focused on analyzing provided images and producing HTML/CSS; they do not instruct the agent to read arbitrary system files, request hidden credentials, or transmit data to third-party endpoints. Limitations and outputs are clearly described.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files—nothing is downloaded or written to disk by an install step.
Credentials
ok: No environment variables, credentials, or config paths are requested. Suggested use of web fonts (e.g., Google Fonts) is a benign UX note, not a required credential.
Persistence & Privilege
ok: always is false and the skill does not request persistent system privileges or modifications to other skills; autonomous invocation is allowed by default but is not combined with other risky factors.