v0.1.3

Creatok Generate Image

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 7:19 AM.

Analysis

The skill mostly matches its CreatOK image-generation purpose, but it needs review because an unvalidated run ID can redirect where local result files are written.

Guidance: Before installing, verify that you trust the publisher/source, configure CREATOK_API_KEY carefully, approve paid generations only after reviewing model/count/resolution/cost and any reference images, and avoid untrusted run_id values until the artifact path is constrained.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
lib/artifacts.js
function artifactsForRun(skillDir, runId) { return new Artifacts(path.join(artifactsRootForSkill(skillDir), runId)); }

The runId value is joined directly into the artifact path without validation; scripts/run.js accepts --run_id as a command-line argument, so a run ID containing path traversal segments could redirect result.json/result.md writes outside the intended .artifacts directory.

User impact: If an untrusted or malformed run ID is used, the skill may write its result files in unintended local directories and potentially overwrite similarly named output files.
Recommendation: Sanitize run_id to a safe identifier or resolve the path and enforce that it remains inside the skill's .artifacts directory before writing.
Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
lib/creatok-client.js
const file = await fs.readFile(filePath); ... await fetch(upload.presignedUploadUrl, { method: 'PUT', headers: { 'Content-Type': fileType }, body: file })

The client reads a local reference image and uploads it to a CreatOK-provided presigned URL; SKILL.md discloses that reference images are uploaded before generation.

User impact: Any local image file provided as a reference image will be sent to the remote image-generation service.
Recommendation: Only provide reference image paths that the user explicitly wants uploaded, and avoid passing private local images unintentionally.
Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
scripts/run.js
if (key === '--yes') { args.yes = true; } ... if (!resolvedArgs.yes) { const confirmed = await confirmGeneration(resolvedArgs); ... }

The default CLI path asks for confirmation, but --yes skips the interactive prompt. This is acceptable for workflows where the user has already confirmed, but it matters because image generation may consume paid credits.

User impact: A paid generation could start without an interactive prompt if the caller passes --yes before the user has approved the model, count, resolution, and cost.
Recommendation: Use --yes only after an explicit user confirmation has already been obtained, and keep the SKILL.md confirmation gate in the agent workflow.
Agentic Supply Chain Vulnerabilities
Severity: Info | Confidence: Medium | Status: Note
metadata
Source: unknown; Homepage: none; Registry metadata version: 0.1.3; SKILL.md version: "1.0.0"

The registry provenance fields are incomplete and the packaged metadata version does not match the SKILL.md frontmatter version, which makes origin and update verification less clear.

User impact: It is harder for a user to independently verify the publisher, source repository, or exact packaged version.
Recommendation: Prefer a package with a clear homepage/source link and aligned registry and SKILL.md version metadata.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
lib/config.js
const apiKey = process.env.CREATOK_API_KEY; ... baseUrl: 'https://www.creatok.ai', openSkillsKey: String(apiKey)

The skill requires a CreatOK API key from the environment and uses it for authenticated CreatOK API calls; this is expected for the integration but grants account/API authority.

User impact: The skill can use the configured CreatOK account for image-generation tasks and related status/upload operations.
Recommendation: Use a key intended for this service, protect the environment variable, and revoke or rotate the key if it is no longer needed.