Skill v0.1.0

ClawScan security

Huo15 Comic Dub · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 27, 2026, 6:07 AM

Verdict: suspicious
Confidence: high
Model: gpt-5-mini

Summary
The skill's purpose (generate per-line TTS WAVs) matches the code, but the package metadata omits important runtime requirements (an ARK_API_KEY environment variable and the Python requests package), and the instructions neither declare nor justify that credential; this mismatch is concerning.
Guidance
This skill appears to do what its description says (generate per-dialogue WAVs using Volcengine/Ark TTS), but there are a few red flags to consider before installing or running it:

- It requires an ARK_API_KEY environment variable (ArkClient will raise an error if it is missing), but the skill metadata and SKILL.md do not declare this. Do not provide a production API key unless you trust the code and owner.
- The Python 'requests' package is used but not declared; ensure your environment has the required Python dependencies and run in an isolated/test environment first.
- The code will make network requests to volcengine (ark.cn-beijing.volces.com) and will send your ARK_API_KEY as a Bearer token; verify provider, billing, and permissions associated with that key. Confirm you accept potential TTS costs (SKILL.md mentions per-character pricing).
- The skill writes output files and two bookkeeping files (.checkpoint.json and .cost.json) into the project directory. If you're concerned about residual data, run it in a disposable directory or container.
- The package owner and homepage are unknown; if you need higher assurance, request provenance (source repo, publisher identity) or audit the code yourself. At minimum, run the tool with a restricted/test API key and review network traffic if possible.

If you accept these points, provide an appropriate ARK_API_KEY and ensure Python dependencies are installed before use.

Review Dimensions

Purpose & Capability
concern: The code and SKILL.md implement comic TTS via Volcengine/Ark (Seed-TTS), which fits the declared purpose. However, the runtime requires an ARK_API_KEY (ArkClient raises if missing) and network access to volcengine endpoints; the registry metadata claimed no required env vars or binaries, which is inconsistent.

Instruction Scope
concern: SKILL.md instructs running scripts/dub.py with a script.json and output dir, which is in-scope. But the runtime instructions omit that an ARK_API_KEY is required and that the code will make HTTP calls to external APIs and write files (.wav, manifest.json, .checkpoint.json, .cost.json). Those side-effects and credential needs should be declared.

Install Mechanism
note: No install spec (instruction-only), so lower risk. However, the bundled Python code depends on the 'requests' package (not declared) and expects a Python runtime. There is no mention of required Python packages or versions in SKILL.md or metadata.

Credentials
concern: The skill will send the ARK_API_KEY as a Bearer token to Volcengine endpoints; that credential is required by the code but not declared under required env vars or primary credential. Config also lists other third-party endpoints (Suno/Kling), though they are not invoked by dub.py; worth noting, but they may be shared-library leftovers.

Persistence & Privilege
ok: The skill does not request special platform privileges or 'always' inclusion. It writes per-project files (.wav outputs, manifest.json, .checkpoint.json, .cost.json) within the provided output/project directory, which is normal for a media-processing tool.