Skill v1.0.0

ClawScan security

apiyi-gpt-image-2-all-gen(基于API易代理站)-官逆版 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 24, 2026, 4:10 PM
Verdict: suspicious
Confidence: high
Model: gpt-5-mini
Summary
The skill is largely what it claims (an APIyi-based image generator) but registry metadata and some textual claims conflict with the runtime behavior: it requires and uses an API key and makes external network calls despite declaring no credentials and claiming 'no external network', so the discrepancies warrant caution.
Guidance
This skill's code matches an API-powered image generator (it POSTs prompts and base64-encoded input images to https://api.apiyi.com). Before installing:
(1) be aware you must provide an API key (APIYI_API_KEY) though the registry metadata omits it — treat that as a packaging error and verify the key usage policy with the provider;
(2) understand that any local images you supply will be encoded and transmitted to a third-party service (possible privacy/data-exfiltration risk);
(3) the SKILL.md claims 'no external network' but the scripts do contact external endpoints — do not trust that claim;
(4) verify you trust api.apiyi.com (privacy, retention, billing);
(5) run the scripts in an isolated/test environment and consider using a throwaway API key to confirm behavior;
(6) ensure Python 'requests' is installed before running, or prefer the Node script if you cannot install packages.
If you need the skill but want lower risk, ask the author/maintainer to correct metadata (declare APIYI_API_KEY), provide provenance for the API host, and document dependencies and privacy/billing implications.

Review Dimensions

Purpose & Capability
concern: The skill's stated purpose is image generation via APIyi and the included scripts implement that by calling https://api.apiyi.com/v1/chat/completions — that is coherent. However the SKILL.md (and code) require an API key and external network access while the skill description elsewhere claims '无需访问外网' ("no external network access required") and the registry metadata lists no required env/primary credential. This mismatch between declared metadata and actual capability is concerning.
Instruction Scope
concern: Runtime instructions and scripts read local image files (encode them to base64) and transmit them to the external API, write output files to disk, and expect the API key (APIYI_API_KEY) to be present — all reasonable for an image-editing skill. But SKILL.md claims 'no external network' while the scripts clearly POST to an external endpoint and may download images from URLs returned by the service. Also the SKILL.md/metadata do not list the environment variable the scripts require (APIYI_API_KEY).
Install Mechanism
note: There is no install spec (instruction-only), which minimizes install risk. However the package includes Python and Node scripts: the Python script requires the third-party 'requests' library (which will have to be installed manually) while Node uses only built-in modules. The metadata does not declare this dependency.
Credentials
concern: Registry metadata declares no required environment variables or primary credential, but both SKILL.md and the code require an API key (APIYI_API_KEY) and will fail without it. The skill will send any supplied local input images and prompts to a third-party service, so access to that API key is sensitive and the absence of that requirement in metadata is a proportionality/information mismatch that could mislead users.
Persistence & Privilege
ok: The skill does not request persistent/always-on privileges, does not modify other skills or global agent config, and does not ask to be force-included. Normal autonomous invocation is allowed (default) but not combined with other elevated privileges.