Back to skill
Skillv1.0.0
ClawScan security
HY 3D Generation · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 6, 2026, 1:38 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's files, instructions, and required credentials are internally consistent with a Tencent HunYuan 3D generation integration; nothing in the package indicates hidden or unrelated behavior.
- Guidance
- This skill appears to do what it claims: call Tencent's AI3D API to create 3D models. Before installing/use: 1) Be prepared to provide Tencent API keys (TENCENTCLOUD_SECRET_ID/KEY) — use least-privileged keys and rotate them if possible. 2) Note the scripts will attempt to pip-install 'tencentcloud-sdk-python' at runtime (requires network and will write packages to the environment). If you run in a sensitive or locked environment, consider reviewing code and running it in an isolated sandbox or container. 3) The SKILL.md enforces 'zero-interaction' execution (agent may run the scripts without asking you), so only enable the skill in contexts where you trust automated script execution. 4) If you want extra assurance, inspect the full scripts locally and run them manually once to confirm behavior (submission to Tencent and retrieval of COS URLs) before allowing autonomous use.
Review Dimensions
- Purpose & Capability
- okName/description say: generate 3D via 混元生3D, and the code uses Tencent Cloud AI3D SDK and endpoints (ai3d.tencentcloudapi.com). The declared need for Tencent API keys (TENCENTCLOUD_SECRET_ID / TENCENTCLOUD_SECRET_KEY) matches the described purpose.
- Instruction Scope
- noteSKILL.md instructs the agent to run the provided Python scripts (main.py / submit_job.py / query_job.py) and to default to main.py. It also enforces a 'zero-interaction' rule (agent should not ask user confirmation before running). This is specific and coherent with an automation use-case, but it does increase the potential for the agent to execute code and install dependencies without an interactive confirmation step.
- Install Mechanism
- noteThere is no pre-install spec in the registry, but each script performs a runtime pip install of 'tencentcloud-sdk-python' via subprocess if the SDK is missing. Installing a well-known PyPI SDK at runtime is expected for this integration, but it does write to disk and requires outbound network/PyPI access — a moderate operational risk to consider.
- Credentials
- okThe only secrets/environment variables referenced are TENCENTCLOUD_SECRET_ID, TENCENTCLOUD_SECRET_KEY, and optionally TENCENTCLOUD_TOKEN — all justified for calling Tencent Cloud APIs. No unrelated credentials, config paths, or secret exfiltration mechanisms are present in the code or instructions.
- Persistence & Privilege
- okThe skill is not always-enabled, does not claim to modify other skills or global agent config, and does not request elevated platform privileges. It will install dependencies into the runtime environment, which is normal but persistent until uninstalled.