Back to skill
Skillv1.0.0
ClawScan security
腾讯云混元文生图像生成 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
SuspiciousApr 4, 2026, 3:13 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's code and instructions match its stated purpose (calling Tencent 混元生图 3.0) but the package metadata omits required cloud credentials, an inconsistency users should understand before installing.
- Guidance
- This skill appears to implement exactly what it claims: it sends your prompts (and any reference-image URLs you supply) to Tencent's AI Art API and returns job status and image URLs. Before installing: - Note the registry metadata omits required environment variables, but the SKILL.md and script do require TENCENTCLOUD_SECRET_ID and TENCENTCLOUD_SECRET_KEY; do not rely on the registry listing alone. - Only provide Tencent credentials if you trust the skill source; these keys grant access to your Tencent account's AI Art API and could be abused if leaked. Prefer creating limited-permission or billing-restricted credentials if possible. - Review the script yourself (it is short and included). It implements TC3 signing and talks to aiart.tencentcloudapi.com — there are no hidden external endpoints. - The script prints prompts and revised prompts; consider that prompts are sent to Tencent (so any sensitive information in prompts will be transmitted). - If you are uncomfortable providing long-lived keys, run the script locally in an isolated environment, or avoid installing the skill. If the metadata inconsistency matters for automation/policy, ask the publisher to correct the registry entry.
Review Dimensions
- Purpose & Capability
- noteThe skill name, SKILL.md, and the included Python script all consistently implement Tencent 混元生图 (HunyuanImage 3.0) text-to-image and image-to-image flows. However, the registry metadata declared no required environment variables while the SKILL.md and script both require TENCENTCLOUD_SECRET_ID and TENCENTCLOUD_SECRET_KEY. That metadata omission is an inconsistency (likely sloppy packaging) but the credentials themselves are coherent with the skill's purpose.
- Instruction Scope
- okSKILL.md runtime instructions stay within the stated scope: preparing a venv, installing python-dotenv, setting TENCENTCLOUD_* in a .env file, and invoking the provided script. The script builds TC3-HMAC-SHA256 auth headers and POSTs to aiart.tencentcloudapi.com, polls job status, and prints prompt and returned image URLs. It does not read unrelated system files, does not download user-provided reference images (it sends their URLs), and does not forward data to unexpected endpoints.
- Install Mechanism
- okThis is an instruction-only skill (no installer). Installation is manual: create a Python venv and pip install python-dotenv. No downloads from untrusted URLs or archive extraction are present. The only dependency is python-dotenv, which is modest and expected for .env handling.
- Credentials
- concernThe script requires Tencent cloud credentials (TENCENTCLOUD_SECRET_ID, TENCENTCLOUD_SECRET_KEY, optional REGION) and SKILL.md tells users to place them in .env — that is proportionate to calling Tencent APIs. The problem: the skill metadata in the registry declared no required env vars/credentials. This mismatch is a packaging/declaration issue that could mislead users or automated policy checks. No other unrelated credentials are requested.
- Persistence & Privilege
- okThe skill does not request always:true and is user-invocable only. It does not modify other skills or system-wide configs. It only directs the agent to run the included script when invoked.