Skill v1.0.0
ClawScan security
bizyair-banana2 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 8, 2026, 8:00 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill appears to implement BizyAir image generation, but there are mismatches between its declared metadata and what it actually requires (notably an API key), plus small inconsistencies in packaging that merit caution.
- Guidance: This skill's code and docs implement BizyAir image generation and will require your BizyAir API key, but the registry metadata failed to declare that credential — treat that as a red flag. Before installing: (1) Confirm you trust BizyAir and want to give this skill your BIZYAIR_API_KEY. (2) Note the Python script searches for .env files in several user locations (skill dir, ~/.config, ~/.bizyair-banana2, ~/.baoyu-skills) — ensure those files do not contain other unrelated secrets. (3) The package.json/runtime entries reference bun/TypeScript even though the shipped runtime is Python; this mismatch is likely harmless but suggests the package metadata wasn't carefully maintained. (4) Run the skill in a controlled environment first (or inspect scripts yourself) and ensure the 'requests' Python dependency is installed. (5) If you need stronger assurance, ask the author to update registry metadata to declare BIZYAIR_API_KEY as required and to confirm the only external endpoints used are BizyAir endpoints (api.bizyair.cn and the returned OSS endpoints).
Review Dimensions
- Purpose & Capability (note): The code and SKILL.md both implement an image-generation client for BizyAir (Nano Banana 2) which matches the skill name/description. However the registry metadata declares no required environment variables or primary credential while both the documentation and the Python script require BIZYAIR_API_KEY — this is an inconsistency.
- Instruction Scope (ok): Runtime instructions focus on configuring the BizyAir API key, uploading reference images, submitting tasks, polling status, and downloading outputs. The SKILL.md and scripts only reference expected configuration files and paths for the API key (skill .env, ~/.config, ~/.bizyair-banana2, ~/.baoyu-skills). They do not instruct unrelated file reads or exfiltration beyond BizyAir endpoints.
- Install Mechanism (ok): There is no install spec (instruction-only plus included scripts). That lowers install risk. The Python script depends on requests but no dependency installation is declared; runtime may fail if required Python packages are missing, but there is no suspicious external download or archive extraction.
- Credentials (concern): The skill legitimately needs a BIZYAIR_API_KEY, and the code looks for it in env or multiple .env locations. However the registry metadata does not declare this required env var (declares none). The script will read .env files in several home locations (including ~/.baoyu-skills), which is reasonable to locate the API key but increases the chance the script will read user-level config files — the skill should have declared the API key requirement explicitly in metadata.
- Persistence & Privilege (ok): The skill does not request always:true and does not modify other skills or system-wide settings. It writes only output images to user-specified paths and may create directories for outputs; no elevated persistence or cross-skill modification observed.
