Skill v1.0.0
ClawScan security
The AI painting interface of Suichuang API · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review: Mar 13, 2026, 6:57 AM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions expect an API key and call an external image API, but the package metadata does not declare any required credentials or provenance — this mismatch and some risky guidance (putting keys in URLs) make the package suspicious until clarified.
- Guidance: This skill appears to be a simple API wrapper for an external image service, but the metadata fails to declare the API key it expects, and the instructions recommend putting the key in headers, body, or URL (URLs are unsafe). Before installing, verify the service and author (no homepage is provided) and ask the author to: (1) declare a primaryEnv for the API key so you can provide it securely, (2) recommend using an Authorization header or environment variable instead of URL query params, and (3) provide a homepage or documentation and privacy/terms. If you proceed, supply the key only via a secure agent-secret/env mechanism (not a URL query), and withhold the key if you do not trust the api.wuyinkeji.com domain or the skill owner.
Review Dimensions
- Purpose & Capability (concern): The skill's stated purpose (generate images via NanaBanana 2/Pro) matches the instructions, which call an external API (https://api.wuyinkeji.com). However, the skill metadata declares no required environment variables or primary credential, while the instructions repeatedly require 'your key' (Authorization header, JSON body field, and URL query param). A legitimate API-integration skill would normally declare a required API key (primaryEnv) and document where to provide it.
- Instruction Scope (concern): SKILL.md is prescriptive and bounded to image-generation endpoints and polling logic (POST submit, GET poll every 3s up to 20 times). However, it also instructs the agent to place the API key interchangeably in headers, JSON body, or a URL query parameter. Placing secrets in URL query parameters is a risky practice (it exposes keys in logs and referers). The instructions do not specify how the agent should obtain the key (no declared env var or config location), leaving ambiguity about credential sourcing and handling.
- Install Mechanism (ok): No install spec and no code files; this is an instruction-only skill. This minimizes filesystem/install risk because nothing is downloaded or executed by an installer.
- Credentials (concern): The functionality legitimately requires an API key, but requires.env and the primary credential are both empty in metadata. This mismatch is disproportionate: the skill expects a secret but doesn't declare it. The instructions encourage unsafe placement of the key (URL/body) rather than recommending a secure, declared environment variable.
- Persistence & Privilege (ok): always: false, and no special config paths or system modifications. The skill can be invoked autonomously (the default), which is standard for skills; there is no evidence it requests a permanent elevated presence.
