v1.5.16

Sogni Gen

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 5:42 AM.

Analysis

Sogni Gen appears purpose-aligned for image and video generation, but it uses Sogni credentials, can send selected local media to Sogni’s network, and saves generated outputs locally.

Guidance: Before installing, make sure you trust the Sogni package/source, use an API key instead of a password if possible, avoid sending sensitive personal media unless you accept the external processing, monitor token costs, and know that generated files and last-render metadata may be saved locally.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
mcp-server.mjs
execaNode(SOGNI_GEN, ['--json', '--quiet', ...args] ... const resp = await fetch(url) ... writeFileSync(filePath, buf)

The MCP server wraps the local CLI and saves downloaded generation results to disk, which is expected but gives the agent a tool path for spending tokens and writing media files.

User impact: Agent-initiated tool calls can generate content, consume Sogni tokens, and create files in the configured downloads directory.
Recommendation: Keep the downloads directory scoped, monitor token use, and require explicit user intent before large or costly video generations.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
skill-package.json
"@modelcontextprotocol/sdk": "^1.0.0", "@sogni-ai/sogni-client-wrapper": "^1.5.2", "execa": "^9.6.1", "json5": "^2.2.3", "sharp": "^0.34.5"

The runtime is installed through npm dependencies with semver ranges, so installation may resolve third-party package versions at install time.

User impact: The installed behavior depends partly on npm packages fetched during setup.
Recommendation: Install from the official Sogni/OpenClaw source, audit or pin dependency versions where possible, and avoid installing from lookalike package names.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Note
SKILL.md
SOGNI_API_KEY=your_api_key ... # SOGNI_USERNAME=your_username ... # SOGNI_PASSWORD=your_password

The skill authenticates to a Sogni account using an API key or username/password, which is expected for the service but grants account and token-spending authority.

User impact: Installing and using the skill gives it access to your Sogni account credentials for generation and balance-related actions.
Recommendation: Prefer an API key over an account password when possible, keep the credentials file permission-restricted, and revoke or rotate credentials if you stop using the skill.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Medium | Confidence: High | Status: Note
README.md
Generate images and videos using Sogni AI's decentralized GPU network ... --ref face.jpg ... --ref-audio speech.m4a ... --ref-video motion.mp4

The documented workflows can send prompts and selected local images, audio, or video to Sogni’s external decentralized processing network.

User impact: Personal photos, faces, audio, video, and prompts may leave your device when used as generation or editing inputs.
Recommendation: Only provide media you are comfortable sending to Sogni’s service, and review Sogni’s privacy and retention terms before using sensitive personal content.
Memory and Context Poisoning
Severity: Low | Confidence: High | Status: Note
SKILL.md
Last render metadata (read/write): `~/.config/sogni/last-render.json` ... `--last-image` Use last generated image as context/ref

The skill persists last-render metadata and can reuse a prior generated image as later context.

User impact: Previous generation metadata or outputs may influence later requests or reveal what was generated before.
Recommendation: Clear `~/.config/sogni/last-render.json` if you do not want prior renders reused, and be cautious with `--last-image` on shared machines.