Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Nova Canvas
v1.1.0 · Generate images using Amazon Nova Canvas via AWS Bedrock. Supports multiple AWS auth methods: environment variables, credentials file, named profiles, IAM in...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
Name/description say 'Nova Canvas via AWS Bedrock' and both SKILL.md and generate.py implement calls to Bedrock (boto3 or direct HTTPS with a bearer token). Requiring AWS credentials is appropriate for this purpose. However, the registry metadata lists no required environment variables or primary credential even though the implementation references AWS_BEARER_TOKEN_BEDROCK and standard AWS credential methods (env vars, ~/.aws/credentials, profiles, explicit keys). This mismatch is an omission in metadata (not necessarily malicious) but reduces transparency.
Instruction Scope
SKILL.md and the script limit actions to building a Bedrock text->image request, invoking the model, decoding base64 images, and saving them locally. The instructions do not ask the agent to read arbitrary unrelated files; the only OS/config access is the standard AWS credential chain (env vars, ~/.aws/credentials, instance role) which is required to authenticate to Bedrock. Minor mismatch: SKILL.md lists an auto-detection order that differs slightly from detect_auth_method in the script.
Install Mechanism
There is no install spec (instruction-only), which is low risk for supply-chain downloads. However, the script imports boto3 if using the boto3 path and prints an error if it's missing (suggests pip install boto3). The absence of dependency declaration in metadata is a transparency shortcoming — user must ensure boto3 is installed in the runtime environment.
Credentials
The skill legitimately needs AWS credentials to call Bedrock and the script accepts multiple auth methods (bearer token via AWS_BEARER_TOKEN_BEDROCK, access key/secret, session token, profile, instance role). That is proportional to the task. Concern: the registry metadata does not declare these environment variables or a primary credential, so users may not realize the skill will access local AWS credentials. Also the bearer-token env var name suggests platform-managed tokens; confirm what will supply that token. Use of long-lived high-privilege keys would be risky — the skill itself will send requests only to AWS Bedrock endpoints, but it will have whatever access the provided credentials permit.
Persistence & Privilege
always is false and the skill does not attempt to modify other skills, system-wide settings, or persist new credentials. It only writes output image files to the specified path and uses standard AWS credential resolution; no elevated persistence or privilege escalation is requested.
What to consider before installing
This skill appears to do what it says: call AWS Bedrock Nova Canvas and save images. Before installing, consider: (1) provenance — the source is unknown, so review the code yourself or run it in an isolated environment; (2) credentials — the script will use AWS credentials (env vars, ~/.aws/credentials, profiles, instance role, or AWS_BEARER_TOKEN_BEDROCK). Do not supply high-privilege or long-lived credentials; create a least-privilege IAM role/policy scoped only to Bedrock (invoke-model) and prefer temporary session tokens; (3) dependency — boto3 may be required for the boto3 path; ensure your environment has it or the script will fail; (4) confirm you trust the bearer token provider if using AWS_BEARER_TOKEN_BEDROCK. If you cannot verify the owner or restrict credentials, run the script in a sandbox or decline installation.
Like a lobster shell, security has layers — review code before you run it.
latest · vk971vmhx63fxrajy0yhj4ej4bd83kdan
