Skill v1.2.0
ClawScan security
CREAT IMAGE FREE · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Apr 9, 2026, 10:57 AM)
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill is internally coherent — it calls a third-party image generation API and returns base64 images — but it sends user prompts to an external, unknown service (no homepage or vendor info), so use caution with sensitive data.
- Guidance: This skill appears to do what it says: it will send your text prompt to the external Gilotex API and return a base64 image. Before installing, consider: (1) The service owner/homepage is not provided — verify the vendor, privacy policy, and terms of service if you care about data retention or usage of your prompts. (2) Do not send secrets or sensitive personal data in prompts — they will be transmitted to an external endpoint. (3) Because no credentials are required, the API may be an open/free endpoint with rate limits or usage logging — test with non-sensitive prompts first. (4) If you need stronger assurances, prefer a known/trusted provider or a self-hosted model and request the skill author supply vendor documentation. Overall the skill is coherent, but treat the external data-sharing risk as the primary concern.
Review Dimensions
- Purpose & Capability (ok): Name/description (create images from text) match the SKILL.md: instructions call the Gilotex Image API endpoint and return base64 data URLs. There are no unexpected environment variables, binaries, or install steps requested.
- Instruction Scope (note): Instructions explicitly direct the agent to POST prompts to https://gilotex.pro.vn/api/image and return base64 images. This is expected for an image-generation skill, but it means any prompt (including potentially sensitive text) will be transmitted to an external third party. The SKILL.md does not ask the agent to read local files or other unrelated system state.
- Install Mechanism (ok): Instruction-only skill with no install spec or code files — nothing is written to disk or installed. This lowers local execution risk.
- Credentials (ok): No environment variables, credentials, or config paths are requested. The absence of required secrets is proportionate to the described public API usage (the endpoint appears to accept unauthenticated requests).
- Persistence & Privilege (ok): Skill is not always-enabled and uses normal model invocation. It does not request persistent system privileges or modifications to other skills. Autonomous invocation is allowed by default but is not combined with other privilege escalations.
