Skill v1.1.0
ClawScan security
Ai Imggen2 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 11, 2026, 8:33 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill appears to implement image generation as described, but the code sends your SKILLBOSS_API_KEY and prompts to an external endpoint (api.heybossai.com) that is not documented in the SKILL.md, and the package has no homepage or source listed — this mismatch and lack of transparency are concerning.
- Guidance
- This skill's behavior is plausible for an image-generator, but there are transparency issues you should resolve before installing. Ask the publisher to explain the relationship between skillboss.co and api.heybossai.com (a clear homepage or repository and documentation would help). Inspect or audit the included scripts yourself (they are short) to confirm no additional endpoints or data exfiltration. If you must test, use a limited-scoped or throwaway API key and monitor outbound network requests. Do not supply a high-privilege or production API key until you have confirmation that the external domain is the intended and trusted backend.
Review Dimensions
- Purpose & Capability
- note: Name/description (generate images) matches the included script and the required binary (node). Requesting a single API key is plausible. However, SKILL.md points users to get a SKILLBOSS_API_KEY at skillboss.co while the bundled code calls api.heybossai.com — the relationship between those domains is not documented, reducing trust/transparency.
- Instruction Scope
- concern: SKILL.md instructs running the included Node script and then curling the returned URL, which is consistent with generating and saving an image. It does not, however, disclose that the script will POST the API key and prompt to https://api.heybossai.com/v1/run. The agent will transmit your API key and prompt text off-host to that third party; that network behavior is not documented in the README instructions.
- Install Mechanism
- ok: No install spec — instruction-only with a small included script. Nothing is downloaded from external URLs at install time and no unusual install behavior is present.
- Credentials
- concern: Only one environment variable (SKILLBOSS_API_KEY) is required, which is proportionate for an API-based image generator. The concern is that the key will be forwarded to a different domain (api.heybossai.com) than the site referenced in SKILL.md (skillboss.co). Without documentation tying those services together, this could be unexpected key transmission.
- Persistence & Privilege
- ok: The skill does not request persistent presence (always:false) and does not modify other skills or system settings. Default autonomous invocation is allowed but is not, on its own, a red flag.
