Back to skill
Skillv1.0.1
ClawScan security
Openai Image Gen · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
SuspiciousFeb 11, 2026, 8:21 AM
- Verdict
- suspicious
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The code does what the name/description claim (batch-generate images via the OpenAI Images API), but the skill metadata omits the required API key and the script allows overriding the API base URL (which could send your key to an arbitrary host) — these inconsistencies warrant caution.
- Guidance
- This skill's code looks consistent with its stated function, but the registry metadata failed to declare the required OPENAI_API_KEY (and optional OPENAI_BASE_URL / OPENAI_API_BASE). Before installing or running: (1) verify you want to provide your OpenAI API key and prefer using the --api-key flag or a dedicated environment variable; (2) do NOT set OPENAI_BASE_URL or OPENAI_API_BASE to unknown hosts (that would cause your API key to be sent to that host); (3) run with --dry-run first to inspect prompts, and review the script locally to satisfy yourself there are no surprises; and (4) be cautious about the SKILL.md file paths (they assume a particular local layout) and adjust commands to the actual install location.
Review Dimensions
- Purpose & Capability
- okThe included script implements batch image generation, prompt sampling, saving PNGs, prompts.json, and an index.html gallery — this matches the skill name and description.
- Instruction Scope
- noteSKILL.md tells the user to run the included Python script and open the gallery; it expects outputs in ~/Projects/tmp when present or ./tmp otherwise. The runtime instructions do not ask the agent to read unrelated system files or exfiltrate data, but they reference a specific repo-like path (~/Projects/agent-scripts/skills/openai-image-gen/scripts/gen.py) which may be incorrect for some installs and could confuse users.
- Install Mechanism
- okNo install spec or external downloads — the skill is instruction + a local script only, so nothing is fetched or installed automatically.
- Credentials
- concernSKILL.md and the script require an OpenAI API key (OPENAI_API_KEY) and accept OPENAI_BASE_URL / OPENAI_API_BASE overrides, but the registry metadata lists no required env vars or primary credential — this is an incoherence. Additionally, allowing OPENAI_BASE_URL/OPENAI_API_BASE to point anywhere means the script will send your Authorization header (the API key) to whatever host is configured, which could be abused if misconfigured or maliciously set.
- Persistence & Privilege
- okThe skill does not request persistent/always-on inclusion, does not modify other skills, and only writes output files into the chosen out directory; no elevated platform privileges are requested.