Skill v0.0.2
ClawScan security
image-generator-custom · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 12, 2026, 2:23 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code and instructions match its stated purpose (calling a user-provided, OpenAI-compatible image-generation API) and the requested secrets and actions are proportional to that purpose.
- Guidance
- This skill appears to do what it says: call an OpenAI-compatible image-generation endpoint and save the returned images. Before using it:
  1) Only provide an API URL and API key for a trusted provider; the key will be sent as a Bearer token to whatever URL you configure.
  2) Be aware that the script prints the API URL and prompt to stdout, so both can end up in logs.
  3) The script can also read platform credential variables named COZE_IMAGE_API_URL_<skill_id> and COZE_IMAGE_API_KEY_<skill_id> if your environment injects them; if you rely on platform-managed credentials, make sure those are the variable names you expect.
  4) Review the script if you want to confirm that no outbound endpoints other than your configured IMAGE_API_URL are contacted.
  5) Run it in a controlled directory, because images are saved to the current working directory.
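Points 2 to 4 of the guidance can be checked mechanically rather than by eyeballing the file. The following is an added example for this review (not the skill's own code or part of ClawScan): it parses a skill script with Python's `ast` module, lists every environment variable the script reads (including fallback names built from `f"..."` or `"..." + x`, where the dynamic part is shown as `*`), lists any hard-coded `http(s)://` literal, and reports `print()` calls whose arguments trace back to an environment read. `SAMPLE_SCRIPT` is a constructed stand-in that mirrors the behaviour the scan describes; the real script is not on this page.

```python
"""Static audit of a skill's Python script: which environment variables it
reads, which URLs it hard-codes, and whether values that came from the
environment reach print(). Added example for this review; SAMPLE_SCRIPT is a
constructed stand-in that mirrors the behaviour the scan describes, not the
skill's real source."""
import ast

# Constructed stand-in for the skill script (assumption: only its described
# behaviour is known from the page). It is parsed, never executed.
SAMPLE_SCRIPT = '''\
import os, sys
SKILL_ID = "image_generator_custom"
api_url = os.environ.get("IMAGE_API_URL") or os.environ.get("COZE_IMAGE_API_URL_" + SKILL_ID)
api_key = os.getenv("IMAGE_API_KEY") or os.getenv(f"COZE_IMAGE_API_KEY_{SKILL_ID}")
model = os.environ.get("IMAGE_MODEL_ID", "default")
prompt = sys.argv[1]
print("calling", api_url, "model", model, "prompt", prompt)
resp = http.post(api_url, headers={"Authorization": "Bearer " + api_key},
                 json={"model": model, "prompt": prompt})
'''


def _is_environ(node):
    """True for the expression `os.environ`."""
    return (isinstance(node, ast.Attribute) and node.attr == "environ"
            and isinstance(node.value, ast.Name) and node.value.id == "os")


def _name_pattern(node):
    """Render an env-var name expression; dynamic pieces become '*'."""
    if isinstance(node, ast.Constant) and isinstance(node.value, str):
        return node.value
    if isinstance(node, ast.JoinedStr):  # f"COZE_..._{skill_id}"
        return "".join(str(v.value) if isinstance(v, ast.Constant) else "*"
                       for v in node.values)
    if isinstance(node, ast.BinOp) and isinstance(node.op, ast.Add):  # "X_" + y
        return _name_pattern(node.left) + _name_pattern(node.right)
    return "*"


def _env_read_name(node):
    """Env-var name pattern if `node` reads the environment, else None."""
    if isinstance(node, ast.Subscript) and _is_environ(node.value):  # os.environ["X"]
        key = node.slice
        if type(key).__name__ == "Index":  # Python < 3.9 wraps the index
            key = key.value
        return _name_pattern(key)
    if isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute) and node.args:
        f = node.func
        if f.attr == "getenv" and isinstance(f.value, ast.Name) and f.value.id == "os":
            return _name_pattern(node.args[0])  # os.getenv("X")
        if f.attr == "get" and _is_environ(f.value):
            return _name_pattern(node.args[0])  # os.environ.get("X")
    return None


def audit_script(source):
    """Return env-var patterns, literal URLs, and print() calls that leak
    environment-derived values. Taint is tracked per simple assignment."""
    tree = ast.parse(source)
    env_vars, urls, tainted, leaky = set(), set(), set(), []
    for node in ast.walk(tree):
        name = _env_read_name(node)
        if name:
            env_vars.add(name)
        if (isinstance(node, ast.Constant) and isinstance(node.value, str)
                and node.value.startswith(("http://", "https://"))):
            urls.add(node.value)
    for node in ast.walk(tree):  # `x = <expr>` where expr reads env or a tainted name
        if (isinstance(node, ast.Assign) and len(node.targets) == 1
                and isinstance(node.targets[0], ast.Name)):
            parts = list(ast.walk(node.value))
            if any(_env_read_name(p) for p in parts) or any(
                    isinstance(p, ast.Name) and p.id in tainted for p in parts):
                tainted.add(node.targets[0].id)
    for node in ast.walk(tree):  # print(...) whose arguments mention a tainted name
        if isinstance(node, ast.Call) and isinstance(node.func, ast.Name) and node.func.id == "print":
            used = sorted({n.id for a in node.args for n in ast.walk(a)
                           if isinstance(n, ast.Name) and n.id in tainted})
            if used:
                leaky.append((node.lineno, used))
    return {"env_vars": sorted(env_vars), "urls": sorted(urls), "leaky_prints": leaky}


if __name__ == "__main__":
    for k, v in audit_script(SAMPLE_SCRIPT).items():
        print(f"{k}: {v}")
```

Run it against the actual skill script (`audit_script(open("generate.py").read())`, whatever the file is called) and compare the `env_vars` list with what SKILL.md documents; an empty `urls` list plus only the expected variable names is what the verdict above claims. The taint pass is deliberately simple (single assignments only, no function-call propagation), so treat a clean `leaky_prints` as a hint, not a proof.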
Review Dimensions
- Purpose & Capability
- ok: Name and description say it calls third-party image-generation APIs. The script only requires an API URL, API key, and optional model ID, and performs HTTP calls to that URL to request and save images; this is coherent with the stated purpose.
- Instruction Scope
- note: SKILL.md instructs users to set IMAGE_API_URL, IMAGE_API_KEY, and optionally IMAGE_MODEL_ID, and the script uses those environment variables. The script also attempts to read platform-managed credential variables named COZE_IMAGE_*_{skill_id} (credential fallback) which are not documented in SKILL.md; this is a minor documentation mismatch but explainable as support for platform credential injection. The script prints the API URL and prompt to stdout (useful for debugging but could leak sensitive info into logs).
- Install Mechanism
- ok: No install spec is provided (instruction-only) and the included Python script uses a system-provided requests wrapper and Pillow. Nothing is downloaded from arbitrary URLs or written to unexpected locations.
- Credentials
- ok: The only secrets used are an API key and API URL (and an optional model id). These are proportional to the task. The extra COZE_... credential environment variable names in the script are consistent with platform-managed credentials but are not documented in SKILL.md.
- Persistence & Privilege
- ok: The skill does not request persistent system privileges, does not set always:true, and does not modify other skills or system configuration. It only reads environment variables and writes image files to the current directory.
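The Instruction Scope and Credentials notes describe three things worth tightening if you adapt or wrap this skill: the IMAGE_* / COZE_IMAGE_*_<skill_id> resolution order, the fact that the key goes as a Bearer token to whatever URL is configured, and the URL and prompt being printed to stdout. The following is an added example, written for this review and not the skill's own code, showing a hardened version of that handling: settings are resolved with the documented fallback and the winning variable name is remembered, the key is only attached after the URL passes an https and host allow-list check (the `allowed_hosts` parameter is an assumption, not something the skill has), the log line names the host and the variable each value came from instead of the URL, key or prompt, and images are written only under a chosen directory.

```python
"""Hardened form of the configuration handling the scan describes: resolve
IMAGE_* settings with the COZE_IMAGE_*_<skill_id> fallback, refuse to attach
the key as a Bearer token to an endpoint that is not on an explicit host
allow-list, log without the URL or key, and write images only inside a chosen
directory. Added example for this review, not the skill's own code; the
allow-list parameter and the precedence order are assumptions."""
import pathlib
import re
from urllib.parse import urlsplit


def resolve_setting(env, base, skill_id):
    """Return (value, variable_name): IMAGE_<base> wins, then the
    platform-injected COZE_IMAGE_<base>_<skill_id>; (None, None) if unset."""
    for name in (f"IMAGE_{base}", f"COZE_IMAGE_{base}_{skill_id}"):
        value = env.get(name)
        if value:
            return value, name
    return None, None


def validate_api_url(url, allowed_hosts):
    """Only an https URL on a host the operator listed may receive the key."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        raise ValueError("IMAGE_API_URL must use https")
    if parts.hostname not in allowed_hosts:
        raise ValueError(f"host {parts.hostname!r} is not in the allow-list")
    return url


def build_request(env, skill_id, prompt, allowed_hosts):
    """Assemble the outbound call plus a log line that is safe to emit."""
    url, url_src = resolve_setting(env, "API_URL", skill_id)
    key, key_src = resolve_setting(env, "API_KEY", skill_id)
    model, _ = resolve_setting(env, "MODEL_ID", skill_id)
    if not url or not key:
        raise RuntimeError("set IMAGE_API_URL and IMAGE_API_KEY (or the COZE_IMAGE_* fallbacks)")
    validate_api_url(url, allowed_hosts)
    body = {"prompt": prompt}
    if model:
        body["model"] = model
    # Log the host and *where* each value came from, never the URL path,
    # the key, or the prompt text itself.
    log_line = (f"image request -> {urlsplit(url).hostname} "
                f"(url from {url_src}, key from {key_src}, prompt {len(prompt)} chars)")
    return {"url": url, "headers": {"Authorization": f"Bearer {key}"},
            "json": body, "log": log_line}


def output_path(out_dir, filename):
    """Place a returned image under out_dir only, with a sanitised name."""
    safe = re.sub(r"[^A-Za-z0-9._-]", "_", filename) or "image"
    base = pathlib.Path(out_dir).resolve()
    target = (base / safe).resolve()
    if target.parent != base:  # catches "." and ".." after sanitising
        raise ValueError("refusing to write outside the output directory")
    return target


if __name__ == "__main__":
    demo_env = {  # constructed values, not real credentials
        "COZE_IMAGE_API_URL_sk1": "https://img.example.com/v1/images",
        "COZE_IMAGE_API_KEY_sk1": "sk-test-0000",
    }
    req = build_request(demo_env, "sk1", "a red fox", {"img.example.com"})
    print(req["log"])
    print(output_path("out", "fox.png"))
```

The allow-list is the part that changes the risk picture: with it, a mis-set or injected COZE_IMAGE_API_URL_<skill_id> cannot redirect the Bearer token to an unexpected host, which is exactly the failure mode guidance point 1 warns about. The `headers` dict is what would be handed to the requests wrapper; nothing in this example performs the network call.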
