Skill v1.1.1

ClawScan security

Maliang Image · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 2, 2026, 1:04 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's functionality matches its description, but there are inconsistencies around credential handling and some unverifiable data‑handling claims that warrant caution before installing.
Guidance
This skill appears to do what it says (call nano.djdog.ai to generate/edit images), but exercise caution before installing. Key points to consider:

- The skill auto-provisions an API key by calling https://nano.djdog.ai/api/v1/provision and instructs you to save it as MALIANG_API_KEY, yet the registry metadata does not declare that env var — ask the publisher to declare MALIANG_API_KEY as a required/primary credential for clarity.
- The skill will upload images you provide (local files or URLs). Do not supply any sensitive local files or URLs you do not want transmitted to an external service. Prefer pasting images explicitly intended to be uploaded.
- The SKILL.md claims images are not stored permanently on the server; that is a promise by the third‑party service (nano.djdog.ai) and not enforced by this skill. Verify the service's privacy/security policy before sending private content.
- If you are uncomfortable with automatic provisioning, consider provisioning the API key manually on the service and setting MALIANG_API_KEY yourself, or ask for the skill metadata to be updated to declare the env var.
- Because source/homepage information is sparse in the registry metadata, verify the trustworthiness of nano.djdog.ai (homepage in SKILL.md) and that HTTPS endpoints are correct.

If the publisher updates the skill metadata to explicitly list MALIANG_API_KEY in requires.env/primaryEnv and provides an authoritative privacy/security statement for nano.djdog.ai, this evaluation would likely move to benign. For now, treat it as suspicious and proceed only if you trust the external service and are careful about which images/files you provide.

Review Dimensions

Purpose & Capability
ok
Name/description (image generation & editing via Maliang/Gemini) align with the SKILL.md: it uses curl to call nano.djdog.ai endpoints for generate/edit tasks and polling. Required binary (curl) is appropriate and proportionate.
Instruction Scope
concern
The runtime instructions tell the agent to auto‑provision an API key, store it in the environment as MALIANG_API_KEY, read local files (when the user supplies paths), download user-supplied URLs, and base64-encode content prior to upload. Those actions are expected for an image-edit skill, but the instructions reference MALIANG_API_KEY even though the registry metadata lists no required env vars. The SKILL.md also asserts 'images are not stored permanently on the server' — that is a trust claim in an external service and not verifiable from the instructions alone.
Install Mechanism
ok
Instruction-only skill with no install spec or code files — low installation risk. It relies on curl (already declared), so nothing is downloaded or executed by an install step.
Credentials
concern
The skill will create and use an API key (MALIANG_API_KEY) but the registry entry declares no required env vars or primary credential. The instructions require storing this key locally and using it for all requests; that should have been declared in requires.env/primaryEnv. This mismatch is a transparency issue and increases risk because the platform metadata doesn't advertise the main credential the skill will use.
Persistence & Privilege
note
always:false and autonomous invocation allowed (default) — appropriate. The skill instructs storing an API key in the environment (persistence local to the user), which is reasonable for usage but is not surfaced in registry metadata; no skill-level always:true or cross-skill config modification is present.