Skill v2.0.4
ClawScan security
Visual References · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 28, 2026, 12:50 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and code match its stated purpose (searching/downloading from Pexels); nothing requests unrelated credentials or suspicious installs, but a few small implementation/instruction quirks are worth noting before use.
- Guidance: This skill appears to do what it says: it uses your PEXELS_API_KEY to call the Pexels API and download reference images. Before installing, consider: (1) Provide only a Pexels API key; the skill does not request other credentials. (2) The SKILL.md insists on using /tmp/visual-refs and the script cleans files named ref_* there; avoid using that same directory for unrelated files to prevent accidental deletion. (3) The docs instruct the agent not to 'read' or manually review references and to pass them directly into the generator; if you want a human or policy review of downloaded images (e.g., for licensing or objectionable content), use the alternative flow where the user picks references. (4) Verify the Pexels API key permissions and rate limits for your account (demo plan limits noted in docs). (5) Note the small implementation mismatch: metadata mentions the 'requests' package though the script uses urllib; that is likely harmless but indicates the package metadata could be stale. If those considerations are acceptable, the skill is coherent and proportionate to its purpose.
Review Dimensions
- Purpose & Capability (ok): Name/description match the actual behavior. The script and SKILL.md call the Pexels API and download images. Requested binary (python3) and required env var (PEXELS_API_KEY) are appropriate and proportional to the stated goal.
- Instruction Scope (note): Runtime instructions stay within the purpose (search -> download -> pass as input_images). Two notable policy-like requirements are enforced in the docs: always use /tmp/visual-refs (the script also auto-cleans that folder), and the default flow tells the agent not to 'read' or manually review references but to pass all downloaded refs directly into generate_image. These are operational constraints (not security issues per se) but could cause collisions if another process used the same path, and may reduce human review of licensing or content before generation.
- Install Mechanism (ok): No install spec; instruction-only plus a small Python script. The code uses only stdlib urllib and writes files under the declared output directory. No downloads/installers or third-party package pulls are present in the package.
- Credentials (note): The only environment variable required is PEXELS_API_KEY, which is appropriate. Minor mismatch: SKILL.md metadata lists a pip dependency 'requests', but the included script uses urllib (no import of requests). This is an implementation inconsistency (not an unexplained credential request).
- Persistence & Privilege (ok): Skill is not always-enabled and does not request system-level persistence. It writes output only to the configured output directory and a metadata JSON file in that directory; no modifications to other skills or global agent settings are present.
