Skillv1.0.8

ClawScan security

TencentCloud Image AIGC Detection · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

ReviewMar 31, 2026, 11:28 AM

Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary: The skill appears to implement Tencent Cloud AIGC image-detection correctly, but the package metadata omits required credentials and the skill lacks an install spec and explicit dependency installation instructions — these inconsistencies merit caution before use.
Guidance: What to consider before installing: - The skill legitimately needs Tencent Cloud credentials (TENCENTCLOUD_SECRET_ID, TENCENTCLOUD_SECRET_KEY) and a BizType; set these only if you trust the skill and the account. Registry metadata currently omits these required env vars — treat that as a red flag and prefer skills whose metadata matches their runtime requirements. - The repository includes a Python script that calls ims.tencentcloudapi.com using the official SDK. Verify the code (scripts/main.py) yourself and confirm there are no extra hidden endpoints or hardcoded secrets. The visible code uses the official SDK and standard endpoints. - There is no install spec: you will need to install tencentcloud-sdk-python (pip) manually or allow the agent to install it. Prefer installing dependencies from a known source (PyPI) in a controlled environment (virtualenv) rather than running arbitrary install commands as root. - Prefer using temporary STS tokens (TENCENTCLOUD_TOKEN) and least-privilege credentials. Don't hard-code secret keys; avoid putting long-lived secrets in globally sourced shell profile files unless you understand the exposure. - Note the skill instructs the agent to run the detection automatically (without extra confirmation) when the user asks for image detection. If you want manual approval before network calls or credential usage, don't enable autonomous invocation or require the agent to ask for explicit consent before running the script. - What would reduce risk: update the registry metadata to declare required env vars and primary credential, add an explicit install spec (pip install step), and include a brief security/permission note about credential scope or recommended roles. If those corrections are made and you review the code yourself, the skill would be closer to benign.

Review Dimensions

Purpose & Capability: concernThe skill's name, SKILL.md, and scripts/main.py all implement Tencent Cloud Image AIGC detection and legitimately require Tencent Cloud API credentials and a BizType. However the registry metadata declares no required environment variables or primary credential, which is incorrect and inconsistent with the code and documentation.
Instruction Scope: noteSKILL.md instructs the agent to execute the included script for detection and to present configuration guidance if credentials are missing. It also instructs the agent to run the script autonomously without asking the user for confirmation when the user's intent matches detection queries. The instructions do not request unrelated files or external endpoints beyond Tencent Cloud APIs and official console links.
Install Mechanism: noteThere is no install spec in the registry. scripts/main.py imports the official tencentcloud-sdk-python and will exit with an error if it's not installed, and the SKILL.md tells the agent/deployer to install dependencies manually. Lack of an explicit install block (e.g., pip install step or packaged dependency declaration) is a deployment gap — not directly malicious but increases friction and risk of ad-hoc dependency installation.
Credentials: concernThe skill requires TENCENTCLOUD_SECRET_ID, TENCENTCLOUD_SECRET_KEY and TENCENTCLOUD_AIGC_RECOG_IMAGE_BIZ_TYPE (and optionally TENCENTCLOUD_TOKEN), which are exactly the credentials needed for the Tencent Cloud ImageModeration API. Those credentials are proportionate to the stated purpose — but the registry metadata failing to declare them is misleading and could cause accidental credential exposure or unexpected behavior.
Persistence & Privilege: notealways is false and the skill does not request persistent presence or system-wide changes. However, SKILL.md explicitly directs the agent to invoke the detection script autonomously and without asking confirmation when user intent matches; that increases the chance the agent will make network calls using the provided Tencent credentials without an extra user prompt. This is functional for the use case but worth awareness.