Skill v1.0.1
ClawScan security
removebg-api · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 11, 2026, 10:27 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code, docs, and requested credential line up with its stated purpose (calling remove.bg with an API key); nothing in the files suggests hidden or unrelated behavior.
- Guidance
- This skill appears to do exactly what it says: it validates an input image (type/size/dimensions), then uploads it to remove.bg using REMOVE_BG_API_KEY and saves the returned file under outputs/removebg-api. Before installing, ensure you: 1) have and trust a remove.bg account (uploads consume quota/credits and send image data to remove.bg), 2) store REMOVE_BG_API_KEY securely in OpenClaw config, 3) have python3 and the 'uv' runner referenced in the examples available if you plan to use the preferred command, and 4) test with non-sensitive images first. Note the script will use OPENCLAW_WORKSPACE if present to find the workspace root (this is optional but not declared as required). If you need absolute assurance, review the script (scripts/removebg_api.py) yourself — it uses a single hard-coded API endpoint and standard Python urllib; there are no obfuscated or alternate network endpoints.
Review Dimensions
- Purpose & Capability
- ok: Name/description, required env var (REMOVE_BG_API_KEY), and the included Python script all match a remove.bg API integration. Required binaries (python3 and 'uv' used by examples) are reasonable for running the script. No unrelated credentials or services are requested.
- Instruction Scope
- note: Runtime instructions and the Python script are narrowly scoped: they validate file extension and magic bytes, enforce size/dimension limits, restrict input to the workspace and output to outputs/removebg-api, and only POST the image to https://api.remove.bg/v1.0/removebg. One minor mismatch: the script optionally reads OPENCLAW_WORKSPACE to locate the workspace but OPENCLAW_WORKSPACE is not listed in required env metadata — its use is optional and not necessary for normal operation.
- Install Mechanism
- ok: No install spec is included (instruction-only plus a local script), so nothing is downloaded or installed automatically. This is the lowest-risk install model.
- Credentials
- ok: Only REMOVE_BG_API_KEY is required and declared as the primary credential; that is proportional to a service that authenticates via API key. The script uses that key to call remove.bg and does not request additional secrets. It will also check OPENCLAW_WORKSPACE if present (optional).
- Persistence & Privilege
- ok: 'always' is false and the skill does not modify other skills or system-wide settings. It does not request persistent elevated privileges or write outside its workspace output directory.
