Skill v0.1.0
ClawScan security
Renderful Generation · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 11, 2026, 12:18 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions and required actions are consistent with a Renderful generation helper, but it references API registration, payments, and webhooks (external callbacks) without declaring credentials or safeguards — review how keys, billing, and webhook URLs are handled before use.
- Guidance: This skill appears to be a normal, instruction-only wrapper for Renderful's generation tools, but before installing you should: (1) confirm you trust the Renderful endpoint (https://renderful.ai) and the OpenClaw plugin implementation, (2) ask how API keys and agent registration are handled and where keys will be stored, (3) understand the billing flow and what '402' responses require — do not provide payment credentials until you verify the vendor, (4) be cautious about enabling set_webhook: only allow webhook URLs you control or trust because they can receive generated content, and (5) require explicit user approval before any side-effect action (register_agent, generate, set_webhook or payment-related operations).
Review Dimensions
- Purpose & Capability (ok): The name/description (Renderful generation, quote-before-generate, polling, 402 fallback) matches the runtime instructions: list models, quote, generate, poll for status, check balance, and optionally register an agent or set webhooks. The listed tool calls are exactly what a generation service would need.
- Instruction Scope (note): SKILL.md stays focused on the generation workflow and explicitly recommends read-only calls until user approval, which is good. It does include instructions to use set_webhook and register_agent; webhooks can cause outbound transmission of generation results to arbitrary endpoints and agent registration typically creates credentials — the doc does not limit or validate webhook targets or describe where credentials are stored.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files — minimal disk/write footprint and no external packages fetched by the skill itself.
- Credentials (note): The skill declares no required env vars or primary credential, yet it references API keys (register_agent) and payment flows (status=402, deposit_addresses, x_payment). This is not necessarily incoherent (the downstream plugin may manage keys/billing), but the SKILL.md does not describe how/where API keys or payment information will be obtained, stored, or used.
- Persistence & Privilege (ok): always:false and no installs means the skill does not request permanent inclusion or elevated platform privileges. Agent autonomous invocation is allowed (platform default). Note: autonomous invocation combined with webhook configuration or payment operations increases blast radius unless user approval is enforced for side effects.
