Skill v1.0.2
ClawScan security
Grok Imagine Image Pro · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 14, 2026, 6:58 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This instruction-only skill is internally consistent with its stated purpose (image generation and editing via xAI) and requests only the expected tools and a single API key, but exercise normal caution when uploading local files or sharing the API key.
- Guidance: This skill appears to do what it says: it calls xAI's image generation endpoint and saves PNGs. Before installing or using it, make sure the XAI API key you provide is one you are willing to expose to this skill (rotate it if unsure), and avoid pointing the skill at sensitive local files: the examples base64-encode and upload whatever file they are given, which is necessary for image edits but could leak secrets if misused. Confirm that the API domain (api.x.ai) is correct for your account, and be aware that files are saved under ~/.openclaw/media and /tmp. If you need stricter controls, do not grant the skill your primary account API key; use a key with limited permissions or billing limits instead.
- Findings: [no_findings] expected: The regex scanner found no code files to analyze; this is expected because the skill is instruction-only (SKILL.md) and contains shell/python examples rather than packaged code.
Review Dimensions
- Purpose & Capability: [ok] The skill's name and description match the runtime instructions: it calls an xAI images endpoint, requires XAI_API_KEY, and uses curl/python3 to send requests and save PNGs. The required binaries and the single env var are proportional to the stated purpose.
- Instruction Scope: [note] The instructions are focused on generation and editing and show concrete curl+python examples that create ~/.openclaw/media and /tmp payloads. This is expected for image editing, but be aware that the guidance includes base64-encoding local files and sending them to an external API; while needed for edits, that behavior could be used to exfiltrate arbitrary local files if misused. The SKILL.md does not attempt to read other system configs or require unrelated environment variables.
- Install Mechanism: [ok] There is no install spec (instruction-only), so nothing is downloaded or written beyond the agent executing the provided commands. This is the lowest-risk install model.
- Credentials: [ok] Only XAI_API_KEY is required, which is appropriate for calling the xAI API. No unrelated credentials or config paths are requested.
- Persistence & Privilege: [ok] The skill is not marked always:true, has no install-time persistence, and does not modify other skills or system-wide settings. It writes output files to ~/.openclaw/media and /tmp as described (normal for media artifacts).
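The Guidance and Instruction Scope notes above flag the same risk: the skill's examples base64-encode whatever local file they are pointed at and post it to an external API. The Python guard below is an added example, not code from the ClawHub scan, from the skill's SKILL.md, or from xAI. It shows the checks a wrapper around those examples would run before encoding anything: the destination must be HTTPS to api.x.ai (the only host the scan names), the file must resolve inside an allowed directory after symlinks are followed, stay under a size cap, and be a PNG or JPEG by its magic bytes rather than by its file name. The endpoint path, the size cap, and the fixture files created under a temporary directory are hypothetical.

```python
"""Pre-upload guard for a skill that base64-encodes local files for image edits.

Added example, not code from the ClawHub scan or from the skill's SKILL.md.
Only the api.x.ai host name comes from the scan; the allowed upload root,
the endpoint path, the size cap and the fixture files are hypothetical.
"""
import base64
import tempfile
from pathlib import Path
from typing import Optional
from urllib.parse import urlparse

ALLOWED_HOSTS = {"api.x.ai"}                      # the API domain the scan tells you to confirm
ENDPOINT = "https://api.x.ai/example-endpoint"    # hypothetical path; only the host is real
MAX_BYTES = 20 * 1024 * 1024                      # hypothetical cap on what one edit may upload
PNG_MAGIC = b"\x89PNG\r\n\x1a\n"
JPEG_MAGIC = b"\xff\xd8\xff"


class UploadRefused(ValueError):
    """Raised when a file or destination fails the pre-upload checks."""


def sniff_image_type(data: bytes) -> Optional[str]:
    """Classify by content, not by extension: a .png that is really text is refused."""
    if data.startswith(PNG_MAGIC):
        return "image/png"
    if data.startswith(JPEG_MAGIC):
        return "image/jpeg"
    return None


def check_endpoint(url: str) -> str:
    """Only HTTPS to an allow-listed host: blocks look-alike hosts and plain HTTP."""
    parts = urlparse(url)
    if parts.scheme != "https" or parts.hostname not in ALLOWED_HOSTS:
        raise UploadRefused(f"refusing to send image data to {url!r}")
    return url


def prepare_upload(path: str, allowed_root: str, endpoint: str = ENDPOINT) -> dict:
    """Validate destination and file, then return the base64 payload field.

    The file must resolve (symlinks followed) to a regular file inside allowed_root,
    stay under MAX_BYTES and actually be a PNG or JPEG.
    """
    check_endpoint(endpoint)
    root = Path(allowed_root).resolve()
    target = Path(path).resolve()   # resolve() follows symlinks, so a link out of root is caught
    try:
        target.relative_to(root)
    except ValueError:
        raise UploadRefused(f"{path} resolves outside the allowed root {root}") from None
    if not target.is_file():
        raise UploadRefused(f"{path} is not a regular file")
    size = target.stat().st_size
    if size > MAX_BYTES:
        raise UploadRefused(f"{path} is {size} bytes, over the {MAX_BYTES} byte cap")
    data = target.read_bytes()
    mime = sniff_image_type(data)
    if mime is None:
        raise UploadRefused(f"{path} is not a PNG or JPEG by content")
    return {
        "endpoint": endpoint,
        "mime": mime,
        "size": size,
        "image_b64": base64.b64encode(data).decode("ascii"),
    }


def _refused(*args) -> bool:
    """True when prepare_upload raises UploadRefused for these arguments."""
    try:
        prepare_upload(*args)
    except UploadRefused:
        return True
    return False


def demo() -> dict:
    """Constructed fixture (hypothetical paths and contents) exercising each check."""
    tmp = Path(tempfile.mkdtemp())
    media, outside = tmp / "media", tmp / "outside"
    media.mkdir()
    outside.mkdir()
    (media / "edit.png").write_bytes(PNG_MAGIC + b"\x00" * 64)               # legitimate image
    (media / "notes.png").write_bytes(b"XAI_API_KEY=constructed-secret\n")   # text named .png
    (outside / "id_rsa").write_bytes(b"-----BEGIN OPENSSH PRIVATE KEY-----\nconstructed\n")
    link = media / "link.png"
    try:
        link.symlink_to(outside / "id_rsa")                  # escape attempt via symlink
        symlink_refused = _refused(str(link), str(media))
    except OSError:
        symlink_refused = None                                # platform without symlink support
    accepted = prepare_upload(str(media / "edit.png"), str(media))
    return {
        "accepted_mime": accepted["mime"],
        "roundtrip_ok": base64.b64decode(accepted["image_b64"]).startswith(PNG_MAGIC),
        "disguised_text_refused": _refused(str(media / "notes.png"), str(media)),
        "outside_root_refused": _refused(str(outside / "id_rsa"), str(media)),
        "symlink_escape_refused": symlink_refused,
        "lookalike_host_refused": _refused(str(media / "edit.png"), str(media),
                                           "https://api.x.ai.attacker.example/example-endpoint"),
        "plain_http_refused": _refused(str(media / "edit.png"), str(media),
                                       "http://api.x.ai/example-endpoint"),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

Running the file prints one line per check. In a real wrapper you would pass ~/.openclaw/media (the directory the scan says the skill already writes to) as allowed_root and hand the returned image_b64 field to the skill's curl or python3 request; a key with limited permissions or billing limits, as the Guidance recommends, bounds the damage if the guard is bypassed.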
