LiblibAI Image & Video Gen
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill can submit media-generation jobs to LiblibAI with the content you provide.
The client sends generation requests to the LiblibAI API. This is expected for the skill's purpose, but it means user prompts and reference image URLs are transmitted to a third-party generation service and may consume account credits.
BASE_URL = "https://openapi.liblibai.cloud" ... requests.post(url, params=params, json=body, headers={"Content-Type": "application/json"}, timeout=30)Use it only with prompts and image URLs you intend to send to LiblibAI, and review costly or sensitive generation requests before running them.
The skill operates using your LiblibAI account authority and may spend credits or access generation tasks tied to that account.
The skill requires LiblibAI API credentials. This is purpose-aligned and the script uses them for signed API calls, but the registry metadata lists no required env vars or primary credential, so users may not see that credential requirement at install time.
Environment variables must be set: - `LIB_ACCESS_KEY` — API access key - `LIB_SECRET_KEY` — API secret key
Set these keys only if you trust the skill, prefer restricted or dedicated API keys if available, and rotate keys if they are shared or exposed.