Skill v1.0.3
ClawScan security
Kay Image · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 25, 2026, 11:05 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's code and docs largely match an image-generation/understanding tool, but there are small inconsistencies (undeclared runtime dependency, extra environment variables enforced by the code, and no homepage/source provenance) that you should understand before installing.
- Guidance
- This skill appears to implement an image-generation and understanding CLI that calls KIE (and optionally LaoZhang) APIs — that is coherent with its description. Before installing, verify these things: 1) Source and trust: the package has no homepage and the publisher identity is unknown — consider whether you trust the author. 2) Runtime: the script requires Bun (#! /usr/bin/env bun) and is TypeScript; ensure your environment supports Bun or the platform will need to provide it. 3) Credentials: the tool uploads images/videos to remote APIs; only provide an API key with minimal permissions and avoid committing .env files into repos or shared storage. 4) Understanding mode requires either KIE_UNDERSTANDING_API_KEY or LAOZHANG_API_KEY (the metadata only listed KIE_API_KEY) — set these intentionally. 5) Review the full script for any endpoints you don’t recognize and test in a sandbox before running on sensitive files. If you want higher assurance, ask the author for source provenance, an explicit runtime requirement list (Bun/node), and a published homepage or repository for review.
Review Dimensions
- Purpose & Capability
- note: Name/description (text→image, image→image, image/video understanding via KIE or LaoZhang) align with the code and CLI options. However, the package metadata declares only KIE_API_KEY as required while the implementation also requires KIE_UNDERSTANDING_API_KEY or LAOZHANG_API_KEY for 'understand' mode. Also the script uses a Bun shebang (#!/usr/bin/env bun) but 'required binaries' lists none — the runtime dependency on Bun is not declared.
- Instruction Scope
- note: SKILL.md CLI usage and the script consistently instruct reading local files, accepting remote URLs, and sending data to KIE or LaoZhang APIs — this is expected for the stated purpose. The docs recommend storing API keys in a .env file under skills/kay-image/.env (user-run instruction). Be aware the tool will read local files (fileToBase64) and upload their contents to remote APIs — expected, but sensitive files could be transmitted if provided.
- Install Mechanism
- note: No install spec (instruction-only) — low supply-chain risk. However, the script is written for Bun (shebang) and TypeScript; the skill does not declare Bun or any runtime as a required binary. That undeclared runtime requirement may cause failures or hidden assumptions about the environment.
- Credentials
- note: Requested credentials (KIE_API_KEY for generation; KIE_UNDERSTANDING_API_KEY or LAOZHANG_API_KEY for understanding) are proportionate to the functionality. Minor inconsistency: metadata frontmatter lists only KIE_API_KEY as required while the code enforces additional environment variables for understanding mode. No unrelated cloud or system credentials are requested.
- Persistence & Privilege
- ok: The skill is not flagged 'always: true' and does not request system-wide configuration or other skills' credentials. It has no install step that would persist new system services. It does read/write local files only under user-directed paths (output path, optional .env), which is expected for a CLI.
