Skill v1.0.0
ClawScan security
Social Media Content Generator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 4, 2026, 6:45 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is internally consistent with its stated purpose — a local image generator for two brands using Pillow — and does not request credentials, network access, or install arbitrary code; only minor documentation/implementation mismatches were found.
- Guidance
- This package appears to be what it says: a local image generator using Pillow and simple templates. Before installing or running it:
  1) Note the minor doc/code mismatches: SKILL.md mentions OpenCV/API triggers and template placeholders, but index.py only uses Pillow, offers a CLI, and does not perform placeholder substitution; you may need to preprocess templates or modify index.py to replace placeholders.
  2) There are no network calls or credential requests, so it doesn't exfiltrate secrets, but it will write files to the output path you supply (default ./output). Run it in a sandbox or controlled folder first.
  3) Install only trusted versions of dependencies (Pillow/numpy) from your package manager.
  4) If you expect scheduled or API-triggered behavior, implement or review that code before enabling automated invocation.
  Overall this skill is low-risk but has small functional gaps to fix before production use.
Review Dimensions
- Purpose & Capability
- note: Name and description match the included code and templates: index.py generates images for the two brands and templates exist for carousel/infographic/oneliner. Minor mismatches: SKILL.md mentions OpenCV but the code uses Pillow only, and SKILL.md lists 'API trigger' and 'scheduled content calendar' though the shipped code only provides a CLI. These are implementation/documentation inconsistencies but not security risks.
- Instruction Scope
- note: The SKILL.md instructions and inputs describe image generation and template variables only. There are no instructions that read unrelated files, access environment variables, or send data externally. The one scope discrepancy is that templates include placeholder tokens (e.g., {{HEADLINE}}) but index.py simply loads JSON and does not perform placeholder substitution; this is a functional bug, not malicious behavior.
- Install Mechanism
- ok: No install spec is provided (instruction-only + bundled code). There is no download-from-URL or extract step, and no binaries are created outside the package; installation risk is low. The declared dependencies (Pillow, numpy) are reasonable for image work, although numpy is unused in the provided code.
- Credentials
- ok: The skill declares no required environment variables, no credential access, and no privileged config paths. The code performs only local file I/O to an output directory and does not access secrets or network endpoints.
- Persistence & Privilege
- ok: The skill does not request always:true and does not modify other skills or system-wide configuration. It runs as a normal CLI module and writes generated images to a local output directory (default ./output).
