Skill v1.0.4
ClawScan security
Pollinations AI · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 6, 2026, 9:58 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code and runtime instructions match its stated purpose (image/audio/video generation via Pollinations) and request only the Pollinations API key plus optional Telegram settings; the package is internally coherent, with a few minor documentation/metadata mismatches to be aware of.
- Guidance: This skill appears to do what it says: call the Pollinations API to generate images, audio, and video. Before installing:
  1. Only provide a Pollinations API key; avoid giving it unrelated secrets.
  2. Note that the optional Telegram feature uses an external 'openclaw' CLI that is not declared in the metadata, so Telegram sending will fail unless you have an appropriate 'openclaw' command installed and trust it.
  3. Verify the ALLOWED_OUTPUT_DIRS and OPENCLAW_WORKSPACE values so generated files are written only where you expect (SKILL.md mentions '/tmp' as a default, but the code primarily uses the workspace outputs directory).
  4. Review your network policy if you need to restrict outbound calls to gen.pollinations.ai.
  If any of the undocumented behaviors (use of 'openclaw' or the differing ALLOWED_OUTPUT_DIRS defaults) are unacceptable, ask the author to update the metadata and docs before use.
Review Dimensions
- Purpose & Capability (note): Name and description match the code: three CLI scripts call Pollinations endpoints to generate images, audio, and video. The only capability beyond pure generation is an optional Telegram send implemented via an 'openclaw message send' subprocess call; the skill does not declare 'openclaw' as a required binary in its metadata, so that dependency is undocumented.
- Instruction Scope (ok): SKILL.md instructions align with the code: they require POLLINATIONS_API_KEY, explain the optional TELEGRAM_CHAT_ID, and show how to run the scripts. The scripts read only the declared env vars (POLLINATIONS_API_KEY, TELEGRAM_CHAT_ID, ALLOWED_OUTPUT_DIRS, OPENCLAW_WORKSPACE) and write output files to allowed directories according to their sanitizers. No unexpected file reads, secret harvesting, or external endpoints beyond gen.pollinations.ai are present.
- Install Mechanism (ok): No install spec is provided (instruction-only install). The included requirements.txt and meta.json list reasonable Python dependencies (requests, Pillow). There are no downloads from arbitrary URLs and no archive extraction.
- Credentials (ok): Only POLLINATIONS_API_KEY is required (TELEGRAM_CHAT_ID, ALLOWED_OUTPUT_DIRS and OPENCLAW_WORKSPACE are optional). This is proportionate to the stated functionality. The scripts avoid hardcoding secrets and mask the API key in logged URLs.
- Persistence & Privilege (ok): The skill does not request permanent 'always' inclusion and does not modify other skills or system-wide settings. It creates output files under a workspace but does not persist credentials or change the agent configuration.
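The Credentials dimension credits the scripts with masking the API key in logged URLs. The following is an added example of what a robust version of that masking looks like; it is not the skill's code and does not describe how the scripts implement it. It masks by parameter name (so a key the caller forgot to list is still caught), strips `user:password@` userinfo, and finally replaces the literal key value anywhere in the string, which covers a key that landed in the path or fragment. The parameter names in SENSITIVE_PARAMS, the sample key value and the header names are constructed for illustration; gen.pollinations.ai is the endpoint the scan names.

```python
"""Redact credentials from a request URL (and headers) before they reach a log line.

Added example, not the skill's code. SENSITIVE_PARAMS and the sample key are
constructed; only the host name comes from the scan.
"""
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Query parameter names treated as credentials regardless of value (assumed list).
SENSITIVE_PARAMS = frozenset({"key", "api_key", "apikey", "token", "access_token"})
SENSITIVE_HEADERS = frozenset({"authorization", "proxy-authorization", "x-api-key", "cookie"})
MASK = "REDACTED"  # alphanumeric on purpose: urlencode() leaves it readable


def redact_url(url: str, secrets: tuple = ()) -> str:
    """Mask credential query parameters, userinfo, and any literal secret value."""
    parts = urlsplit(url)
    # Pass 1: by parameter name. parse_qsl/urlencode round-trip the other params intact.
    query = [
        (k, MASK if k.lower() in SENSITIVE_PARAMS else v)
        for k, v in parse_qsl(parts.query, keep_blank_values=True)
    ]
    # Pass 2: userinfo in the authority component (user:password@host).
    netloc = parts.netloc
    if "@" in netloc:
        netloc = f"{MASK}@{netloc.rsplit('@', 1)[1]}"
    redacted = urlunsplit((parts.scheme, netloc, parts.path, urlencode(query), parts.fragment))
    # Pass 3: the literal value, wherever it ended up (path, fragment, odd param name).
    for secret in secrets:
        if secret:
            redacted = redacted.replace(secret, MASK)
    return redacted


def redact_headers(headers: dict, secrets: tuple = ()) -> dict:
    """Same treatment for a requests-style headers dict."""
    out = {}
    for name, value in headers.items():
        if name.lower() in SENSITIVE_HEADERS:
            out[name] = MASK
            continue
        for secret in secrets:
            if secret:
                value = value.replace(secret, MASK)
        out[name] = value
    return out


if __name__ == "__main__":
    key = "sk_live_constructed_example"  # constructed, not a real credential
    url = f"https://gen.pollinations.ai/image/a%20red%20fox?key={key}&width=512&seed=7"
    print(redact_url(url, secrets=(key,)))
    print(redact_headers({"Authorization": f"Bearer {key}", "User-Agent": "skill/1.0"}, (key,)))
```

When reviewing a skill's own masking, the cases worth checking are the ones the name-based pass alone misses: a key passed in the path or fragment, a key supplied via an `Authorization` header that is logged alongside the URL, and an exception traceback that prints the unredacted request object.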
