Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Don't download

v1.0.0

AI image generation, editing, and background removal API via Bria.ai — remove backgrounds to get transparent PNGs and cutouts, generate images from text prom...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The description and SKILL.md clearly implement an image-generation/editing/background-removal integration with Bria.ai and require BRIA_API_KEY and curl — those requirements match the stated purpose. However the skill's public name ('Don't download') does not match the Bria branding used throughout the files (SKILL.md name: 'bria-ai'), and the runtime reads a local config file (~/.bria/credentials) even though the registry metadata lists no required config paths. That metadata/file-access mismatch is unexpected.
Instruction Scope
The SKILL.md and the included bria_client.sh instruct the agent to read ~/.bria/credentials (to extract access_token and api_token) and to write temp JSON payloads in /tmp. Reading a credentials file is outside a minimal 'call the API with BRIA_API_KEY' scope and was not declared in the skill metadata. All network calls go to engine.prod.bria-api.com / platform.bria.ai endpoints which align with the stated service.
Install Mechanism
There is no install spec and the skill is instruction-only plus a small helper shell script. No external downloads or extract operations are used. The helper requires only standard binaries (curl, base64, sed) which is proportionate.
Credentials
The skill declares a single primary credential (BRIA_API_KEY), which is consistent with its purpose. The concern is that both SKILL.md and bria_client.sh also automatically read ~/.bria/credentials to load api_token and access_token without that config path being declared. This discrepancy should be clarified — the skill expects a local credentials file in addition to or instead of the env var.
Persistence & Privilege
The skill is not force-included (always:false), does not request system-wide changes, and only writes temporary files under /tmp when performing calls. It does not request unusual privileges or attempt to modify other skills.
What to consider before installing
This skill largely behaves like a normal Bria.ai client, but note two inconsistencies: the skill is named 'Don't download' while all files identify it as Bria/bria-ai, and its runtime reads ~/.bria/credentials even though the registry metadata doesn't declare that config path. Before installing, inspect your ~/.bria/credentials to see what keys/tokens it contains, confirm you trust the skill source, and ensure BRIA_API_KEY has limited scope. If you prefer not to grant file access, require the BRIA_API_KEY be provided via the environment (and remove or ignore the auto-load code). Run the helper script in a safe/test environment first and verify network endpoints (engine.prod.bria-api.com / platform.bria.ai) match official Bria docs.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🖼 Clawdis
Any bin: curl
Env: BRIA_API_KEY
Primary env: BRIA_API_KEY
