ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Venice API Kit

v2.0.2

Complete Venice AI API toolkit - image generation, video, audio, embeddings, transcription, characters, models, and admin functions. Privacy-focused inferenc...

0· 807·0 current·0 all-time
bySabrina Aquino@sabrinaaquino·duplicate of @sabrinaaquino/venice-ai-full
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Venice API toolkit) match the included scripts (image, video, audio, embeddings, admin endpoints). Required env var VENICE_API_KEY is appropriate as the primary credential.
Instruction Scope
SKILL.md instructs running the included Python scripts via the uv runner and to set VENICE_API_KEY. The scripts only read that env var and user-supplied files/paths, call Venice API endpoints, and write output files; they do not access unrelated system paths or other credentials.
Install Mechanism
Install metadata uses brew to install 'uv' and Python 3.12 and pip to install httpx. Installing httpx is expected for these Python scripts. The 'uv' brew formula is necessary for 'uv run' usage but is a less-common tool—users may want to verify the source/tap for that formula before installing system-wide.
Credentials
The skill requests a single API key (VENICE_API_KEY) which is the service credential needed. Several scripts provide admin-level operations (create/list/delete API keys, billing/usage) and therefore require an admin-scoped key when those operations are used—this is documented in the scripts but means users should not supply a high-privilege key unless they intend to run admin actions.
Persistence & Privilege
The skill does not request permanent presence (always:false), does not modify other skills or system-wide settings, and does not store credentials beyond using the environment variable / optional openclaw config entry.
Assessment
This package appears to be what it says: a Venice.ai CLI toolkit. Before installing, verify you trust https://venice.ai and confirm the origin of the 'uv' brew formula (so you don't add an unexpected tap). Use a least-privilege API key: only provide an ADMIN-scoped VENICE_API_KEY if you intend to run API-key or billing admin scripts. Never commit your API key to version control; set it in an environment variable or OpenClaw config as described. If you have concerns, run the scripts in an isolated environment (container or VM) and inspect/run them locally; the privacy/no-retention claim in the README is a provider statement you cannot verify from the client code.

Like a lobster shell, security has layers — review code before you run it.

latestvk97901pp75hgae3y59caxbd1x981gywn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🏛️ Clawdis
Binsuv, python3
EnvVENICE_API_KEY
Primary envVENICE_API_KEY

Install

Install uv (brew)
Bins: uv
brew install uv
Install Python 3.12 (brew)
Bins: python3
brew install python@3.12

Comments