AI Prompt Reverse Engine
PassAudited by ClawScan on May 5, 2026.
Overview
No malicious behavior is evident, but the skill references OpenAI/API-key use and external setup that are not fully represented in the installed artifacts.
This appears to be a benign instruction-only image-to-prompt skill. Before installing or following the README, verify any external repository and dependencies, protect your OpenAI API key, and avoid processing sensitive images unless you trust the provider and implementation.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If you follow the README setup, you may run code or dependencies that were not reviewed as part of this skill.
The README points users to clone and install an external project and requirements file that are not included in the registry artifact. This is manual and not automatically executed, but the referenced code and dependencies are outside the reviewed package.
git clone https://github.com/YOUR_USERNAME/prompt-reverse-skill.git cd prompt-reverse-skill pip install -r requirements.txt
Only follow setup instructions from a real, trusted repository, and inspect the code and requirements before installing or running them.
A mishandled API key could expose your OpenAI account to unauthorized use or charges.
An OpenAI API key is a sensitive account credential. Its use is expected for an OpenAI vision-model workflow, but users should notice that the registry metadata does not declare a required credential.
Create a `.env` file: OPENAI_API_KEY=your_api_key_here
Use a limited-scope key if possible, keep it out of chat transcripts and public files, and monitor provider usage.
Private or sensitive images could be sent to an external provider if the README-described implementation is used.
The documented workflow implies image content may be processed through an external AI provider. This is aligned with the skill's purpose, but the artifacts do not specify data retention, privacy boundaries, or exact transfer behavior.
- Analyzes images using a vision model - OpenAI API
Avoid using sensitive images unless you trust the provider and implementation, and review the provider's data-use policy.