Skill v1.0.2

ClawScan security

nanobanana2-apiyi · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Mar 16, 2026, 8:50 AM
Verdict
Review
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and instructions are mostly consistent with an image-generation integration, but there are clear documentation/behavior mismatches and a missing dependency declaration that should be resolved before trusting or deploying it.
Guidance
This skill appears to be a straightforward APIYI image-generation integration, but there are a few red flags you should address before installing or using it:
(1) Configuration mismatch: SKILL.md shows the key stored under skills.nano-banana2-apiyi.apiKey, but the script expects env.APIYI_API_KEY in ~/.openclaw/openclaw.json, in the OS environment, or via a CLI flag. Decide which method you will use and update the file or the invocation accordingly.
(2) Undeclared dependency: the Python script requires the 'requests' package, but the skill only declares python3. Make sure requests is installed in the environment that will run the script.
(3) Outbound traffic: the script makes HTTPS requests to https://api.apiyi.com. Provide an API key only if you trust that endpoint and the publisher.
(4) Debug output: the --debug-key flag prints path, home directory and file-existence information (not the secret itself), so avoid using debug flags in untrusted contexts.
If you need higher assurance, ask the publisher to correct the documentation to match runtime behavior, explicitly declare the Python dependency (requests), and provide provenance for the api.apiyi.com endpoint. If you do not trust the source, run the script in an isolated environment or inspect its network traffic before supplying a real API key.

Review Dimensions

Purpose & Capability
note
Name/description, the required env var (APIYI_API_KEY), and the script's outbound HTTPS calls to api.apiyi.com all align with an APIYI/Gemini image-generation skill. Requiring python3 and a single API key is proportionate for this purpose.
Instruction Scope
concern
SKILL.md and the runtime script disagree about where the API key is stored: SKILL.md shows an openclaw.json structure under skills.nano-banana2-apiyi.apiKey, while the script looks for env.APIYI_API_KEY in ~/.openclaw/openclaw.json, then in the OS env var (or a CLI flag). This mismatch could cause confusion and accidental misconfiguration. The script reads ~/.openclaw/openclaw.json (top-level env key) and may print debug info (home path, file existence) if --debug-key is used; it does not leak the key itself.
Install Mechanism
note
Instruction-only skill with an included Python script (no install spec). The script imports the third-party 'requests' module, but the registry only lists python3 as a required binary; 'requests' is neither declared nor installed automatically, which is an operational (not directly security) omission. No downloads or archive extractions are present.
Credentials
note
Only APIYI_API_KEY is requested as a credential (declared as primaryEnv). The script checks the CLI override, then ~/.openclaw/openclaw.json env.APIYI_API_KEY, then the OS env var; this behavior is reasonable but should be reflected accurately in the docs. The --debug-key flag reveals only metadata about where the key came from and a fingerprint-like summary, not the full secret. No other unrelated credentials or config paths are accessed.
Persistence & Privilege
ok
The skill does not request 'always: true', does not modify other skills, and does not write to global agent configuration. It only reads an optional local config file and environment variables. Autonomous invocation is allowed by default but is not combined with other high-risk signals.