Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Hedra
v1.0.1
Generate images, videos, and lip-synced talking avatar videos from text prompts using Hedra AI models via the OpenClaw plugin.
by Matt Stvartak (@mattstvartak)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw)
Suspicious · high confidence
Purpose & Capability
The plugin implements Hedra image/video/avatar generation and requires only a Hedra API key plus optional default model IDs, which is consistent with the stated purpose. However, the registry metadata at the top of the submission lists no required environment variables or credentials, while the package and SKILL.md explicitly require HEDRA_API_KEY (and openclaw.plugin.json documents it). The capability itself is appropriate for the name and description; the metadata mismatch is what is suspicious.
Instruction Scope
SKILL.md and the plugin code restrict actions to Hedra API calls (base URL https://api.hedra.com/web-app/public). Runtime instructions focus on generating assets, listing models/voices, polling generation status, and configuring the Hedra API key. The instructions do not ask to read unrelated system files or exfiltrate data to other endpoints.
Install Mechanism
This is a packaged plugin with its source files included; there is no install step that downloads from an arbitrary URL. package.json lists a single small runtime dependency (@sinclair/typebox) plus ordinary dev dependencies. No high-risk install operations (remote archives, unknown hosts) are present.
Credentials
The plugin legitimately requires a single service credential (HEDRA_API_KEY), which is proportionate to its functionality. The concern is that the registry summary states 'Required env vars: none' and 'Primary credential: none' while both SKILL.md and openclaw.plugin.json expect HEDRA_API_KEY. That inconsistency can lead to misconfiguration, a surprise failure at runtime, or a user exposing the key in the wrong place while troubleshooting. No other unrelated secrets or system paths are requested.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and uses only its own plugin config and environment variable. It registers tools for on-demand use and does not demand persistent elevated privileges.
What to consider before installing
This plugin's code and docs show it only talks to Hedra (https://api.hedra.com) and needs a Hedra API key (HEDRA_API_KEY or plugin config). However, the registry metadata omitted that credential; treat that as a packaging/metadata red flag. Before installing:
1) Verify the plugin origin: the README references a GitHub repo, so confirm that the publisher and the repository contents match the packaged files.
2) Provide only a Hedra API key scoped to the operations the plugin needs, and avoid placing it in global or shared environment variables where possible.
3) Inspect the included source (dist/src) or diff it against the upstream repo to ensure no hidden callbacks or alternate endpoints have been added.
4) If you rely on this in a sensitive environment, run it in an isolated environment or network with egress limited to Hedra domains.
If the publisher cannot explain the metadata mismatch and origin, treat the skill as suspicious and do not install it until that is clarified.
