Skillv1.0.1

ClawScan security

Z-Image AI Image Generator – Create High-Quality Images from Text Instantly · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignApr 10, 2026, 7:41 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill is an instruction-only wrapper for the WeShop (openapi.weshop.ai) image-generation API; its required API key and instructions align with that purpose and it does not request unrelated credentials or install code.
Guidance: This skill appears coherent and limited to calling WeShop's image-generation API. Before installing: (1) only provide your WESHOP_API_KEY if you obtained it from the official WeShop site; (2) avoid pasting the key into open chat — let the platform set WESHOP_API_KEY in a secure environment variable; (3) when uploading local images, confirm the agent only sends files you intend to share; and (4) because this is instruction-only (no code included), trust depends on the platform enforcing that requests actually go to openapi.weshop.ai as stated.

Review Dimensions

Purpose & Capability: okName/description match the declared API endpoints and the single required env var (WESHOP_API_KEY). Nothing requested (binaries, extra env vars, config paths) is unrelated to text-to-image generation via WeShop.
Instruction Scope: okSKILL.md confines runtime actions to calling openapi.weshop.ai endpoints, polling run status, and optionally uploading a local image; it explicitly warns not to send the API key to other domains and instructs checking WESHOP_API_KEY before prompting the user.
Install Mechanism: okNo install spec and no code files — instruction-only skill. No downloads or archive extraction are present.
Credentials: okOnly a single API key (WESHOP_API_KEY) is required; this is proportionate for a cloud API integration and is declared as the primary credential.
Persistence & Privilege: okalways:false and no install actions; the skill does not request elevated persistence or access to other skills' configs.