Skill v1.0.0
ClawScan security
image2 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 28, 2026, 3:22 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and required variables are consistent with an image-generation client for the kexiangai.com image2 API; nothing requested or performed is disproportionate to that purpose.
- Guidance: This skill appears coherent: it only needs an X_API_KEY and uses curl/python3 to call the documented image2 endpoints on kexiangai.com. Before installing/using it:
  1. Confirm you trust the provider (https://kexiangai.com), because prompts, reference image URLs, and any data sent will be transmitted to that service.
  2. Prefer supplying X_API_KEY via a session environment variable rather than persisting it to ~/.config/image2/.env, unless you understand and accept the local storage.
  3. If you run set_key.sh, do so only from a trusted environment.
  4. Review or sandbox the included scripts if you will run them: they print whole API responses (not the key) and will poll the provider until the task completes, which may consume credits.
  5. If you need stronger guarantees, ask the skill author for formal provider documentation or an official SDK/hosted URL to verify endpoints.
Review Dimensions
- Purpose & Capability (ok): Name/description, required binaries (curl, python3) and the single required env var (X_API_KEY) align with an HTTP-based image generation task creator that posts JSON and polls results. The included scripts implement the described API calls and polling behavior; no unrelated credentials, binaries, or config paths are requested.
- Instruction Scope (ok): SKILL.md and scripts stay within the stated scope: collect prompt/model/size/urls, validate, call the create endpoint, then poll the query endpoint until terminal status. Local key reading is explicitly opt-in (--use-local-key) and the skill documents masking the key in logs. The instructions do not direct the agent to read unrelated files or exfiltrate other secrets.
- Install Mechanism (ok): No install spec; this is instruction-only with two utility scripts included. Nothing is downloaded from external/untrusted URLs at install time. Risk from installation is low because no installer pulls remote code.
- Credentials (ok): Only a single API credential (X_API_KEY) is required, which is appropriate for the API being called. The only persistent config path is ~/.config/image2/.env, and the SKILL.md/scripts require explicit user action (set_key.sh or --use-local-key) to read/write it. No unrelated secrets or multiple credentials are requested.
- Persistence & Privilege (note): The skill does not request always:true and is user-invocable. The only persistent action is an optional helper (scripts/set_key.sh) that will create ~/.config/image2/.env when the user runs it; this is documented and opt-in. This is reasonable but worth noting because it stores a long-lived API key on disk if the user chooses to.
