ClawHub

removebg-api

v1.0.1

Remove image backgrounds using the remove.bg API with API-key auth and transparent PNG output. Use when high-quality cutouts are needed and cloud processing...

0· 747·2 current·2 all-time
byRoland Kákonyi@rolandkakonyi
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, required env var (REMOVE_BG_API_KEY), and the included Python script all match a remove.bg API integration. Required binaries (python3 and 'uv' used by examples) are reasonable for running the script. No unrelated credentials or services are requested.
Instruction Scope
Runtime instructions and the Python script are narrowly scoped: they validate file extension and magic bytes, enforce size/dimension limits, restrict input to the workspace and output to outputs/removebg-api, and only POST the image to https://api.remove.bg/v1.0/removebg. One minor mismatch: the script optionally reads OPENCLAW_WORKSPACE to locate the workspace but OPENCLAW_WORKSPACE is not listed in required env metadata — its use is optional and not necessary for normal operation.
Install Mechanism
No install spec is included (instruction-only plus a local script), so nothing is downloaded or installed automatically. This is the lowest-risk install model.
Credentials
Only REMOVE_BG_API_KEY is required and declared as the primary credential; that is proportional to a service that authenticates via API key. The script uses that key to call remove.bg and does not request additional secrets. It will also check OPENCLAW_WORKSPACE if present (optional).
Persistence & Privilege
always is false and the skill does not modify other skills or system-wide settings. It does not request persistent elevated privileges or write outside its workspace output directory.
Assessment
This skill appears to do exactly what it says: it validates an input image (type/size/dimensions), then uploads it to remove.bg using REMOVE_BG_API_KEY and saves the returned file under outputs/removebg-api. Before installing, ensure you: 1) have and trust a remove.bg account (uploads consume quota/credits and send image data to remove.bg), 2) store REMOVE_BG_API_KEY securely in OpenClaw config, 3) have python3 and whatever 'uv' runner referenced in examples available if you plan to use the preferred command, and 4) test with non-sensitive images first. Note the script will use OPENCLAW_WORKSPACE if present to find the workspace root (this is optional but not declared as required). If you need absolute assurance, review the script (scripts/removebg_api.py) yourself — it uses a single hard-coded API endpoint and standard Python urllib; there are no obfuscated or alternate network endpoints.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ffw0250tkzqtzqwh5xzsy9184m2dk

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsuv, python3
EnvREMOVE_BG_API_KEY
Primary envREMOVE_BG_API_KEY

Comments