remove-bg
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill mostly matches its local image background-removal purpose, but it automatically opens the output file with system commands and accepts user-chosen paths, which warrants review.
Before installing, be aware that this skill is local and simple but automatically opens the generated PNG after writing it. Prefer using safe workspace output paths, avoid untrusted or unusual filenames, and consider removing or disabling the auto-open block if you only want file conversion.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the skill may launch another local application or, with a crafted output path on some platforms, increase the chance of unintended command execution.
After saving the PNG, the script automatically invokes platform commands to open the user-supplied output path. The Windows branch uses shell=True, and this auto-launch behavior is not clearly described in SKILL.md.
# Automatically open the generated PNG (using the system default image viewer)
subprocess.run(['start', str(out_path)], shell=True, check=False)
...
subprocess.run(['open', str(out_path)], check=False)
...
subprocess.run(['xdg-open', str(out_path)], check=False)
Make opening the output file opt-in, disclose it clearly, avoid shell=True, and validate that the output path is a safe PNG path before invoking any opener.
If the agent or user chooses the wrong output location, the skill could create directories or replace a file with PNG data.
The tool reads and writes paths supplied at invocation and creates parent directories for the output. This is expected for an image conversion skill, but it is not technically confined to a workspace and can overwrite the selected output path.
input_file = Path(sys.argv[1])
output_file = Path(sys.argv[2])
...
out_path.parent.mkdir(parents=True, exist_ok=True)
img.save(out_path, 'PNG')
Use explicit, safe output paths in a workspace or temporary directory, and consider adding checks that prevent overwriting existing files unless the user confirms.
