Back to skill
Skillv1.0.0
ClawScan security
Zai Vision · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
SuspiciousApr 29, 2026, 4:03 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill appears to implement image/video analysis correctly, but its metadata omits a required API credential and the scripts will encode and transmit your media to an external Z.AI service — review before installing or sending sensitive images.
- Guidance
- Key points to consider before installing: - The scripts require a ZAI_API_KEY environment variable but the skill metadata does not list it — the skill will fail unless you provide the API key. Ask the publisher to update the manifest to declare this required credential. - Using the skill will base64-encode and send your image/video bytes to Z.AI's API (via the 'zai-sdk' client). Do not run this skill on sensitive or confidential images unless you trust the Z.AI service and your API key's access policies. - The package recommends installing 'zai-sdk' from PyPI. Verify the package source and maintainers (supply-chain risk) before installation in sensitive environments. - Examples use absolute paths under /root/clawd and recommend 'clawd-run' — review and adapt paths for your environment rather than copy-pasting. - If you need higher assurance: request the publisher declare required env vars and provide a provenance link (homepage/repo), or inspect the zai-sdk package source (or vendor a vetted client) before use.
Review Dimensions
- Purpose & Capability
- noteThe skill's name, description, scripts, and docs consistently implement a vision-analysis client for Z.AI's GLM-4.6V model — that capability is coherent. However, the skill registry metadata claims no required environment variables or primary credential, while the scripts and SKILL.md require a ZAI_API_KEY. This mismatch is an inconsistency that should be corrected.
- Instruction Scope
- noteSKILL.md and the scripts limit operations to encoding local images/videos and sending them to the Z.AI API; they do not attempt to read unrelated system files or credentials. Examples use absolute paths (/root/clawd) and recommend clawd-run; these are examples but could be misleading if users copy paths verbatim. The instructions explicitly require an API key and recommend pip install zai-sdk.
- Install Mechanism
- okThere is no automated install spec (instruction-only). The docs recommend 'pip install zai-sdk' which is a normal, low-risk package install from PyPI — no arbitrary URL downloads, no archive extraction, and no custom install hooks are present in the skill bundle.
- Credentials
- concernThe scripts require the single environment variable ZAI_API_KEY (checked at runtime and the program exits if absent), but the package metadata did not declare this required credential. This omission is a proportionality / transparency issue. Aside from the API key, no other credentials are requested. Note: media files are base64-embedded and transmitted to the external API, which has privacy implications.
- Persistence & Privilege
- okThe skill is not always-included and does not request elevated or permanent presence. It does not modify other skills or system-wide configuration. Autonomous invocation is allowed (platform default) but not combined with other red flags here.