Venice Ai

Pass

Audited by ClawScan on May 1, 2026.

Overview

The artifacts describe a coherent Venice AI API wrapper, with expected API-key, external-provider, media upload, and URL-fetching risks users should review.

This skill appears appropriate if you want a Venice AI CLI integration. Before installing, be comfortable providing a Venice API key, sending selected prompts/files/media to Venice, and paying any resulting API costs. Avoid giving it internal URLs, check model-specific privacy settings for sensitive data, and use dedicated credentials where possible.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone installing the skill must trust it with a Venice API key that can spend quota or access that Venice account's API capabilities.

Why it was flagged

The skill uses a Venice API credential and can read it from local configuration; this is expected for the service integration but is still privileged account access.

Skill content

- API key read from `VENICE_API_KEY` environment variable (preferred)
- Fallback: read from `~/.clawdbot/clawdbot.json` config
- Key is sent only to `api.venice.ai` in the `Authorization` header

Recommendation

Use a dedicated Venice API key with the minimum practical scope or spending limits, and rotate it if the skill or host environment is no longer trusted.

What this means

Text, images, audio, video, and other supplied content may leave the local machine and be processed by Venice AI.

Why it was flagged

Prompts and user-selected files are sent to an external AI provider as the core function of the skill; this is disclosed and purpose-aligned, but it is a sensitive data boundary.

Skill content

`api.venice.ai` | Official Venice AI API — all inference requests ... User-specified input paths | Read-only | Load user-specified files for upload

Recommendation

Only send data you are comfortable sharing with the provider, and choose the model/privacy mode appropriate for sensitive material.

What this means

If an agent or user passes an internal URL such as localhost, a cloud metadata address, or a private service, the skill may fetch content that was not intended to be exposed.

Why it was flagged

The script can fetch arbitrary user-provided HTTP(S) URLs without host allowlisting or private-network blocking, then encode the result for API use.

Skill content

def _fetch_url_as_base64(url: str) -> str:
    """Download an HTTP(S) URL and return as raw base64 string."""
    req = urllib.request.Request(url, headers={"User-Agent": USER_AGENT})
    with urllib.request.urlopen(req, timeout=60) as resp:

Recommendation

Do not pass internal or sensitive URLs; in shared or server environments, add network egress controls or URL allowlisting before enabling URL-based commands.

What this means

A user might send highly sensitive data assuming all Venice-backed options have the same retention and privacy properties.

Why it was flagged

The skill makes strong privacy claims while also supporting many models and modes; the wording is partially qualified to private models, but users should not treat every model or feature as equally private.

Skill content

Venice offers **true privacy** with zero data retention on private models ... **Private inference** — Models marked "Private" have zero data retention. Process sensitive data without it leaking into training sets.

Recommendation

Verify Venice's current privacy terms and model-specific privacy labels before sending sensitive data, especially when using non-private or third-party frontier models.