Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Don't download

v1.0.0

Remove image background to transparent PNG. Powered by RMBG-2.0, commercially-safe model. Extract subjects for overlays, product photography, logos, and cuto...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to remove image backgrounds and its runtime instructions call the Bria image API — that is coherent. However the skill accesses a local credentials file (~/.bria/credentials) and writes a persistent API token there even though 'required config paths' were not declared in the metadata. Declaring config paths or required env vars would be expected for a skill that stores credentials.
Instruction Scope
The SKILL.md instructs the agent to read and write ~/.bria/credentials and to perform a device-auth flow (polling the auth server). It also tells the operator to upload local images to 'a hosting service' but does not specify one — this vagueness could cause images to be uploaded to arbitrary third-party hosts, risking data exposure. The instructions also assume curl and python3 are available and include loops that poll external endpoints.
Install Mechanism
No install spec or code files are present (instruction-only), so nothing will be written to disk by an installer. This is lower risk than skills that download and install binaries.
Credentials
The skill does not declare required environment variables, yet it reads/uses BRIA_AUTH_SERVER (with a default) and expects to set/use BRIA_API_KEY (persisted to disk). It does not request unrelated credentials. The missing declaration of the credential path and env usage is a proportionality / transparency issue.
Persistence & Privilege
The skill persists an API token to ~/.bria/credentials, giving it ongoing access to the Bria API until that file is removed. The skill does not request 'always: true' or other elevated platform privileges and does not modify other skills, but persistent token storage is a lasting presence worth noting.
What to consider before installing
This skill appears to do what it says (remove image backgrounds), but take these precautions before installing or using it:
- Confirm the auth server and API endpoints (metadata lists https://auth.bria.ai and engine.prod.bria-api.com). If the sources/homepage are unknown, verify them independently.
- Be aware it will create and store a token at ~/.bria/credentials. If you don't want long-lived credentials on disk, either do not authenticate or remove the file after use.
- The skill tells you to upload local images to an unspecified hosting service. That step could leak private images if you choose an untrusted host — decide which host to use or refuse to upload sensitive files.
- It requires network access to the Bria endpoints and will poll the auth server during device authorization; review network policies or run in a sandbox if you need isolation.
- If you want more assurance, request the skill author/publisher, a homepage or repository link, and a declaration of required config paths/env vars. If those are missing or the author is unknown, treat the skill more cautiously.

Like a lobster shell, security has layers — review code before you run it.
