Plugin v2.2.0
ClawScan security
Venice.ai Media Generation · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 29, 2026, 2:34 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The plugin appears to implement Venice.ai image/video features that match its name, but there are multiple small inconsistencies (missing install spec despite shipped code, differing auth commands and config defaults across docs) that warrant review before installing.
- Guidance: This plugin appears to do what it claims (Venice.ai image/video generation) and does not request unexpected credentials, but there are a few red flags to check before installing:
  - Confirm how authentication is stored: the plugin expects a Venice API key in OpenClaw's provider auth store. Make sure you understand and trust OpenClaw's auth storage and that you are entering your Venice API key via the documented openclaw command.
  - Documentation mismatches: SKILL.md, README and other files use different auth commands and default values. Pick the correct auth command for your OpenClaw version (compare 'paste-token' vs 'setup-token') or test in a safe environment first.
  - Registry metadata vs repository contents: the registry marked this as 'instruction-only' but the package includes source and a package-lock. Ensure your installation path (ClawHub or installing from source) is the intended one and inspect package.json before running npm install.
  - Output files: the plugin creates files under your home directory (~/Downloads/venice-ai-output by default). If you prefer a different location, set outputDir in your OpenClaw config to avoid filling a shared Downloads folder.

  If you want higher confidence, ask the maintainer to clarify the install instructions and to correct the documentation inconsistencies, or run the plugin in an isolated environment (container or VM) and verify it only calls Venice.ai endpoints and uses the API key only for intended requests.
Review Dimensions
- Purpose & Capability
  - ok: Name/description, code, and docs all implement image and video generation via the Venice.ai API. Models, endpoints, and features listed in SKILL.md match the code (image generation, edits, queue/poll video flow). The required credential (Venice API key) is provided via OpenClaw's provider auth rather than environment variables, which is a reasonable design choice.
- Instruction Scope
  - note: SKILL.md and README instruct only to configure the Venice API key via OpenClaw and to set plugin config in ~/.openclaw/openclaw.json. That is within scope. However, there are inconsistencies across documentation: e.g., README uses 'openclaw models auth paste-token --provider venice' while SKILL.md shows 'openclaw models auth setup-token --provider venice' (different commands), and several config defaults differ between SKILL.md, README, CHANGELOG and openclaw.plugin.json. These doc mismatches could confuse users and cause misconfiguration.
- Install Mechanism
  - concern: Registry lists 'No install spec — this is an instruction-only skill' yet the package contains full source, dist/, package.json, and package-lock.json. That mismatch is odd: the skill will be installed as a plugin (openclaw plugins install) per docs, but the registry metadata not declaring an install spec could be an oversight. The code does not download arbitrary third-party archives; dependencies are standard npm packages pulled via package.json/package-lock. The release workflows publish to npm and ClawHub, which is normal. Overall install risk is low, but the metadata/code mismatch should be clarified.
- Credentials
  - note: The skill declares no required environment variables, and it does not request unrelated credentials. It uses OpenClaw's provider-auth runtime calls to resolve a Venice API key from the agent's auth store; that is proportional to the stated purpose. Note: because the key is managed by OpenClaw, the plugin does not list a primaryEnv — this is acceptable, but users should be aware the plugin will read the provider auth store (not an OS env var).
- Persistence & Privilege
  - ok: No 'always: true' or other elevated privileges. The plugin writes generated media to a configurable output directory (defaults to ~/Downloads/venice-ai-output) and registers as normal OpenClaw providers. It performs network calls only to the configurable Venice.ai baseUrl (default https://api.venice.ai/api/v1). This behavior is expected for a media generation plugin.
