青萍 AI 平台 (Qingping AI Platform)
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill mostly matches its stated AI image-generation purpose, but its downloader trusts API-provided filenames and URLs without validation, which could write files outside the intended folder if the service response is malicious or compromised.
Install only if you trust the Qingping/lusyoe API provider and are comfortable sending prompts to that service. Use a dedicated API key. Before relying on the downloader, ask the maintainer to validate returned URLs and force downloaded files to stay inside the qingping-ai folder.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A bad service response could cause the skill to save or overwrite files outside the intended download folder, and may make your machine request unexpected URLs.
The script uses the API response's url and name directly. A malicious or compromised API response could provide path separators or an absolute filename to escape qingping-ai, or provide an unexpected URL for the local machine to fetch.
    url = img_data.get("url")
    name = img_data.get("name")
    filename = f"{name}.png"
    path = download_image(url, filename, output_dir)
    ...
    output_path = output_dir / filename
    request.urlretrieve(url, output_path)

Sanitize filenames, reject absolute paths and path separators, resolve the final path and verify it stays inside qingping-ai, restrict downloads to expected HTTPS/CDN domains, and avoid overwriting existing files by default.
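The hardening recommended above, written out as an added example (this is not the skill's own code, and the names safe_filename, resolve_inside, is_allowed_url, download_image and the ALLOWED_HOSTS value are assumptions). The network fetch is injectable so the validation logic can be exercised offline against constructed API responses.

```python
"""Hardened downloader pattern (added example, not the skill's own code).
Assumed names: ALLOWED_HOSTS, safe_filename, resolve_inside, is_allowed_url,
download_image. The fetch callable is injected so the checks run offline."""
import pathlib
import re
import urllib.parse
import urllib.request

# Assumption: the provider serves images from this host; replace with the real CDN.
ALLOWED_HOSTS = {"cdn.example.com"}

# Plain base names only: no separators, no drive letters, no control characters.
_SAFE_NAME = re.compile(r"[A-Za-z0-9._-]{1,100}")


def safe_filename(name):
    """Turn the API-supplied name into a safe base name ending in .png.
    Rejects absolute paths, path separators, '..' and dot-prefixed names."""
    if not isinstance(name, str) or not _SAFE_NAME.fullmatch(name):
        raise ValueError(f"unsafe filename from API: {name!r}")
    if name.startswith("."):  # covers '.', '..' and hidden files
        raise ValueError(f"unsafe filename from API: {name!r}")
    return f"{name}.png"


def resolve_inside(output_dir, filename):
    """Resolve the final path and verify it is a direct child of output_dir.
    resolve() follows symlinks, so a symlinked escape is caught as well."""
    base = pathlib.Path(output_dir).resolve()
    target = (base / filename).resolve()
    if target.parent != base:
        raise ValueError(f"path escapes output dir: {target}")
    return target


def is_allowed_url(url):
    """Accept only https URLs to an expected host, with no embedded credentials."""
    if not isinstance(url, str):
        return False
    parts = urllib.parse.urlsplit(url)
    return (parts.scheme == "https"
            and parts.username is None
            and parts.hostname in ALLOWED_HOSTS)


def _http_fetch(url):
    """Real network fetch; only reached after the URL passed is_allowed_url."""
    with urllib.request.urlopen(url, timeout=30) as resp:
        return resp.read()


def download_image(img_data, output_dir, fetch=_http_fetch, overwrite=False):
    """Validate url and name from the API response before touching the filesystem.
    Returns the path written; raises rather than fetching or writing on any doubt."""
    url = img_data.get("url")
    name = img_data.get("name")
    if not is_allowed_url(url):
        raise ValueError(f"refusing to fetch unexpected URL: {url!r}")
    target = resolve_inside(output_dir, safe_filename(name))
    if target.exists() and not overwrite:
        raise FileExistsError(f"refusing to overwrite {target}")
    data = fetch(url)
    target.write_bytes(data)
    return target


if __name__ == "__main__":
    import tempfile
    out = tempfile.mkdtemp()
    # Constructed API response standing in for the real service reply.
    good = {"url": "https://cdn.example.com/a.png", "name": "img1"}
    print(download_image(good, out, fetch=lambda u: b"\x89PNG"))
    for bad in ("../evil", "/etc/passwd", "a/b", ".."):
        try:
            safe_filename(bad)
        except ValueError as e:
            print("rejected:", e)
```

The order of checks matters: the URL and filename are validated before any network request or write, so a malicious response fails closed without side effects. Host allow-listing is done on the parsed hostname rather than a substring match, which is what defeats `https://cdn.example.com.evil.net/` style lookalikes.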
Anyone or anything that can use this environment variable may be able to make Qingping API calls under your account or quota.
The script reads a local API key and sends it as the provider authentication header. This is expected for the stated image-generation service, but it is still account/usage authority.
    api_key = os.environ.get("QINGPING_API_KEY")
    if api_key:
        return {"x-api-key": api_key}

Use a dedicated, revocable API key with the minimum needed permissions, monitor usage, and avoid storing the key in shared shell profiles or repositories.
