Skill v1.1.0

ClawScan security

Quick Img V2 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 11, 2026, 8:35 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill mostly matches its stated purpose (image generation via SkillBoss) but has two inconsistencies: its examples invoke curl and node without declaring them, and it bundles a helper script that contacts an unrelated external endpoint (httpbin.org) and reveals the agent's public IP to that third party. Both are unexpected and warrant caution.
Guidance
Before installing or using this skill:
(1) Recognize that it requires network access to two external endpoints: api.heybossai.com (for image generation) and httpbin.org (the bundled "Check IP" script). The latter is unrelated to the stated purpose and will reveal your agent's public IP to a third party.
(2) The SKILL.md examples call curl and node, but the skill metadata does not declare these as required binaries. Verify that your runtime provides them and be cautious about executing the bundled scripts.
(3) Only provide SKILLBOSS_API_KEY if you trust the SkillBoss service and the skill author; create a limited-scope API key if the service supports one.
(4) If you don't need the IP-checking helper, remove or review scripts/hello.mjs before running anything.
(5) To reduce risk, ask the author to (a) declare the required binaries, (b) remove the httpbin check or make it optional, and (c) document exactly what data is sent to each external endpoint.

Review Dimensions

Purpose & Capability
concern: The skill's stated purpose is to generate images via the SkillBoss API, which is consistent with the curl example that posts to https://api.heybossai.com/v1/run. However, the SKILL.md examples rely on curl and node, yet the registry metadata lists no required binaries. This is an incoherence: the skill should declare curl and node if it needs them.
Instruction Scope
concern: The runtime instructions include an unrelated "Check IP" step that runs scripts/hello.mjs. That script performs a network request to https://httpbin.org/get and prints the origin IP. Contacting an external site unrelated to the image API is scope creep, and it transmits the agent's network-visible IP and request headers to a third party. The skill also pipes remote API output into a node one-liner; the one-liner parses JSON rather than eval-ing it, which is expected, but any processor run on network-supplied data widens the attack surface.
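The two concerns above (undeclared binaries, undeclared endpoints) are exactly the gap a static pre-install check can surface. The following is an added example written for this page, not ClawHub's scanner or any code from the skill: it diffs what a skill bundle declares against what its SKILL.md and bundled scripts actually invoke or contact. The bundle contents are constructed inline to mirror the findings described here, and the metadata layout (a skill.json with requires.bins and endpoints fields) is an assumption, not the ClawHub registry schema.

```javascript
// Added example, not ClawHub's own scanner: a static audit that diffs what a
// skill bundle declares against what its SKILL.md and bundled scripts actually
// invoke or contact. The bundle is constructed inline to mirror the findings on
// this page; the metadata shape (`requires.bins`, `endpoints`) is an assumed
// layout, not the ClawHub registry schema.

const bundle = {
  'skill.json': JSON.stringify({
    name: 'quick-img-v2',
    purpose: 'image generation via SkillBoss',
    credentials: ['SKILLBOSS_API_KEY'],
    requires: { bins: [] },                     // nothing declared, as on this page
    endpoints: ['https://api.heybossai.com/v1/run'],
  }),
  'SKILL.md': [
    '## Generate',
    '```bash',
    'curl -s -X POST https://api.heybossai.com/v1/run \\',
    '  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \\',
    '  -d \'{"prompt":"a cat"}\' \\',
    '  | node -e \'console.log(JSON.parse(require("fs").readFileSync(0, "utf8")).url)\'',
    '```',
    '## Check IP',
    'Run `node scripts/hello.mjs` to print the public IP.',
  ].join('\n'),
  'scripts/hello.mjs': [
    'const res = await fetch("https://httpbin.org/get");',
    'console.log((await res.json()).origin);',
  ].join('\n'),
};

// Binaries worth flagging when they appear in instructions or scripts. Any word
// matching one of these is treated as an invocation: a deliberately noisy
// heuristic, since a false positive costs a review and a miss costs more.
const WATCHED_BINS = new Set(['curl', 'wget', 'node', 'python', 'python3']);
const HOST_RE = /https?:\/\/([a-z0-9.-]+)/gi;   // hostname of every URL literal
const WORD_RE = /\b[a-z][a-z0-9_-]*\b/g;        // lowercase tokens (command names)

function hostsIn(text) {
  return [...text.matchAll(HOST_RE)].map(m => m[1].toLowerCase());
}

function binsIn(text) {
  return (text.match(WORD_RE) || []).filter(w => WATCHED_BINS.has(w));
}

// Returns the gap between declared and observed behaviour for one bundle:
// every binary and host seen, and the subset the metadata never mentions.
function auditSkill(files, metadataName = 'skill.json') {
  const meta = JSON.parse(files[metadataName]);
  const declaredBins = new Set(meta.requires?.bins ?? []);
  const declaredHosts = new Set((meta.endpoints ?? []).map(u => new URL(u).hostname));

  const usedBins = new Map();   // bin  -> set of files it appears in
  const usedHosts = new Map();  // host -> set of files it appears in
  for (const [name, text] of Object.entries(files)) {
    if (name === metadataName) continue;
    for (const b of binsIn(text)) usedBins.set(b, new Set(usedBins.get(b) ?? []).add(name));
    for (const h of hostsIn(text)) usedHosts.set(h, new Set(usedHosts.get(h) ?? []).add(name));
  }

  const toList = m => [...m]
    .map(([k, v]) => ({ name: k, files: [...v].sort() }))
    .sort((a, b) => a.name.localeCompare(b.name));
  return {
    usedBins: toList(usedBins),
    usedHosts: toList(usedHosts),
    undeclaredBins: toList(usedBins).filter(e => !declaredBins.has(e.name)),
    undeclaredHosts: toList(usedHosts).filter(e => !declaredHosts.has(e.name)),
  };
}

console.log(JSON.stringify(auditSkill(bundle), null, 2));
```

On the constructed bundle the report lists curl and node as undeclared binaries and httpbin.org as an undeclared host, attributed to scripts/hello.mjs, which is the reviewer's finding above reduced to a mechanical check. Declaring both binaries and both endpoints in the metadata empties both lists; the point of the check is that a reviewer then reads the declaration instead of hunting through scripts.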
Install Mechanism
ok: This is an instruction-only skill with no install spec, so nothing is written to disk on install. That is the lowest install risk.
Credentials
ok: The skill requests a single credential, SKILLBOSS_API_KEY, which aligns with calling the SkillBoss API. The SKILL.md uses that key directly in the request to api.heybossai.com, which is expected. No other credentials or config paths are requested.
Persistence & Privilege
ok: The skill does not request always:true and is not attempting to modify other skills or agent configuration. Autonomous invocation is enabled by default but is not combined with elevated persistence here.