Skill v1.0.3

ClawScan security

Wavespeed Nanobanana2 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 5, 2026, 3:39 PM
Verdict
suspicious
Confidence
high
Model
gpt-5-mini
Summary
The skill appears to implement a Wavespeed text-to-image integration (coherent), but the package contains several inconsistencies and risky artifacts — notably a hardcoded API key and a top-level test that runs on load — that make it suspicious and require cleanup before use.
Guidance
Do not install or enable this skill until the issues are fixed. Specific actions to take or request from the author:
 - Remove the top-level test block (the anonymous async function at the end of index.js). That code runs on module load and triggers an outbound API call immediately.
 - Remove any hardcoded API key from the repository. If the embedded key is real, revoke it immediately (treat it as compromised).
 - Fix registry metadata and SKILL.md to consistently declare WAVESPEED_API_KEY as a required environment variable.
 - Implement or document the advertised parameters (resolution, output_format) or update SKILL.md to match the actual behavior.
 - Replace the malformed skill.json (which contains a shell echo command) with a proper JSON file — shipping a shell command as the skill manifest is suspicious and could modify user files if executed by a maintainer script.
 - After the author provides a cleaned version, review that no secrets remain in code and that no code runs network calls on import; run the skill in an isolated environment first to confirm behavior and any billing implications.
If you cannot get a corrected package, treat this skill as untrusted because of embedded secrets and load-time network activity.

Review Dimensions

Purpose & Capability
note
Name/description and most files indicate a text→image skill for Wavespeed and the code actually calls a Wavespeed API endpoint — this is coherent. However, SKILL.md advertises parameters (resolution, output_format) that index.js does not implement, and the registry metadata incorrectly lists "Required env vars: none" despite the skill requiring WAVESPEED_API_KEY.
Instruction Scope
concern
SKILL.md is scoped to generating images and using WAVESPEED_API_KEY. The index.js file, however, contains a top-level immediately-invoked test block that will execute when the module is loaded, performing an API call using a hardcoded API key and logging results. That means simply loading/installing the skill triggers network activity and use of an embedded credential — outside the normal runtime use described in SKILL.md.
Install Mechanism
note
There is no install spec (instruction-only is lower risk), but the package contains code files (index.js and package.json with axios), so installing or loading will write/execute code. The included dependencies are normal (axios) and pulled from npm; no remote downloads or unusual install hosts are present.
Credentials
concern
The skill correctly requires WAVESPEED_API_KEY for the API, which is proportionate. But the package includes a hardcoded API key inside index.js testContext — this is a sensitive secret embedded in source. Also, registry metadata claims no required env vars while SKILL.md and skill.json list WAVESPEED_API_KEY, an inconsistency worth resolving.
Persistence & Privilege
ok
The skill does not request always:true and does not declare elevated platform-wide privileges. Permissions list network access, which matches its purpose. The main concern is the load-time test behavior, not persistence/privilege escalation.