Back to skill
Skillv1.0.1
ClawScan security
Vision Analyzer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
SuspiciousApr 8, 2026, 3:21 AM
- Verdict
- suspicious
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill largely does what it claims (sending an image to Ollama Cloud for analysis), but the registry metadata omits the required OLLAMA_API_KEY and there are privacy implications from sending local images to an external service — verify provenance before installing.
- Guidance
- This skill's code matches its description: it reads a local image and posts it (base64) to Ollama Cloud using OLLAMA_API_KEY. Before installing, verify the skill's provenance (source/homepage missing), confirm you are comfortable sending images (potentially sensitive) to Ollama, and only provide an API key with appropriate, limited scope or a throwaway key for testing. Also ask the publisher to update the registry metadata to declare OLLAMA_API_KEY as a required env var so the permissions are transparent.
Review Dimensions
- Purpose & Capability
- concernThe skill's name, SKILL.md, and script consistently state it uses Ollama Cloud's Kimi K2.5 model to analyze images — that purpose matches the implementation. However, the registry metadata lists no required environment variables while both SKILL.md and the script require OLLAMA_API_KEY; this metadata omission is an incoherence and reduces transparency. The source/homepage are also missing, which makes provenance unclear.
- Instruction Scope
- noteRuntime instructions are narrow and consistent: run the included Python script with a local image path and optionally a prompt. The script only reads the supplied image path and the OLLAMA_API_KEY env var, base64-encodes the image, and posts it to https://ollama.com/api/generate. This is within the stated purpose, but it does transmit the full image (and prompt) to a third party — a privacy exposure users should consider.
- Install Mechanism
- okNo install spec is provided (instruction-only plus a small Python script). Nothing downloads arbitrary code at install time and no archives or external install URLs are used. The script will run with the existing python runtime; this is low install risk.
- Credentials
- concernThe script legitimately requires a single API key (OLLAMA_API_KEY) to call Ollama Cloud, which is proportionate to the stated function. However, the registry metadata incorrectly lists no required env vars — a transparency issue. Also, providing that API key grants the skill (and Ollama) access to any image data you send; users should confirm acceptable data handling and token scope before supplying sensitive images or reuse of high-privilege keys.
- Persistence & Privilege
- okThe skill is user-invocable, not always-enabled, and does not attempt to change system settings, other skills, or request elevated privileges. It does not persist credentials or modify other configs.