The skill uses an unaudited external script, risking
Claims to do
Bria — AI Image Generation, Editing & Background Removal: Commercially safe, royalty-free image generation and editing through 20+ API endpoints. Generate from text, edit with natural language, remove backgrounds, create product shots, and build automated image pipelines.
Actually does
This skill uses `curl` to interact with Bria AI's API endpoints for image generation, editing, and background removal. It performs an OAuth device flow for authentication, storing `access_token`, `refresh_token`, and `api_token` in `~/.bria/credentials`. It contacts Bria's authentication and image processing URLs (e.g., `https://engine.prod.bria-api.com/v2/auth/device/authorize`, `https://engine.prod.bria-api.com/v2/image/generate`), and can process local or remote image files.
openclaw skills install galbria/bria-ai
Access to sensitive environment variables detected
$ACCESS_TOKEN
The skill sources an external shell script (`bria_client.sh`) which is not provided for analysis. The security of the `bria_call` function, handling critical operations like API calls and file encoding, depends entirely on the integrity and security of this unaudited script.
source ~/.agents/skills/bria-ai/references/code-examples/bria_client.sh
The `bria_call` function, implemented in the unaudited `bria_client.sh`, accepts raw string arguments for JSON fields and local file paths. This design creates a high risk of command injection if arguments are not properly sanitized, and a significant data exfiltration risk by reading arbitrary local files and sending their base64 encoded content to the Bria API.
RESULT=$(bria_call /v2/image/generate "" '"prompt": "your description"...')
RESULT=$(bria_call /v2/image/edit/remove_background "/path/to/local/image.png")
The skill stores `access_token` and `refresh_token` in plain text within `~/.bria/credentials`. While intended functionality, this creates a persistent target for attackers, as these credentials could be easily exfiltrated or misused if the agent's environment is compromised.
printf 'access_token=%s\nrefresh_token=%s\n' "$BRIA_ACCESS_TOKEN" "$REFRESH_TOKEN" > "$HOME/.bria/credentials"