Poster image generation for 摸鱼日报 (Moyu Daily), Baidu hot searches and more, continuously being upgraded

Security checks across malware telemetry and agentic risk

Overview

This is a coherent poster-generation skill, but users should expect outbound API/image requests and local output/cache files during rendering.

Install in an isolated Python environment, pin dependency versions if reproducible builds matter, and expect network calls to public APIs and remote image hosts when rendering live posters. Only render JSON specs and image/API URLs you trust, especially in environments where localhost or private-network requests would be sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Description-Behavior Mismatch

Severity
Medium
Confidence
95%
Finding
The renderer performs unsolicited outbound network access to multiple third-party APIs and remote image URLs, even though it presents itself as a local JSON-to-SVG rendering utility. This expands the trust boundary significantly: rendering untrusted specs can trigger SSRF-like requests, leak network metadata, fetch attacker-controlled content, and embed unbounded remote payloads into the output.

Context-Inappropriate Capability

Severity
Medium
Confidence
92%
Finding
The code adds automatic retrieval of news, quotes, horoscope data, and remote images from external services unrelated to the core act of SVG rendering. Because several API URLs are spec-configurable, an attacker controlling input can direct the process to arbitrary endpoints, causing server-side requests and ingestion of attacker-supplied data into files and memory.
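The overview's advice to render only trusted image/API URLs and the spec-configurable endpoints described in this finding come down to one check the renderer should run before any fetch: is the scheme, the host and every address that host resolves to something the rendering machine is allowed to talk to? The following is an added example, not code from the skill or from SkillSpector. It assumes the renderer can call audit_spec() on the parsed JSON before requesting anything; ALLOWED_HOSTS, the "$.key[index]" path naming and the resolver table in main() are hypothetical placeholders.

```python
"""Allowlist-and-resolve guard for URLs taken from a poster spec (added example)."""
import ipaddress
import socket
from typing import Callable, Iterable
from urllib.parse import urlparse

# Hypothetical allowlist: the only hosts a spec may point the renderer at.
ALLOWED_HOSTS = {"api.example.com", "images.example.com"}
ALLOWED_SCHEMES = {"https"}
ALLOWED_PORTS = {None, 443}

Resolver = Callable[[str], Iterable[str]]


def default_resolver(host: str) -> list[str]:
    """Return every A/AAAA answer; all of them must pass, not just the first."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def table_resolver(table: dict[str, list[str]]) -> Resolver:
    """Offline resolver backed by a constructed table (for tests and demos)."""
    def resolve(host: str) -> list[str]:
        if host not in table:
            raise OSError(f"NXDOMAIN {host}")
        return table[host]
    return resolve


def is_public_address(text: str) -> bool:
    """False for loopback, RFC 1918/ULA, link-local (this covers the
    169.254.169.254 cloud metadata endpoint), multicast, reserved and
    unspecified addresses. IPv4-mapped IPv6 is unwrapped first so that
    ::ffff:127.0.0.1 cannot slip past the IPv4 checks."""
    try:
        ip = ipaddress.ip_address(text)
    except ValueError:
        return False
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def check_remote_url(url: str, resolver: Resolver = default_resolver) -> tuple[bool, str]:
    """Return (allowed, reason). Allowed only if scheme, port, host and every
    address the host resolves to are acceptable."""
    parts = urlparse(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme not allowed: {parts.scheme or '(none)'}"
    if parts.username is not None or parts.password is not None:
        return False, "userinfo in URL"
    try:
        port = parts.port
    except ValueError:
        return False, "malformed port"
    if port not in ALLOWED_PORTS:
        return False, f"port not allowed: {port}"
    host = parts.hostname  # lower-cased; brackets stripped from IPv6 literals
    if not host:
        return False, "no host"
    try:
        ipaddress.ip_address(host)
        return False, f"IP literal not allowed: {host}"  # would bypass the allowlist
    except ValueError:
        pass
    if host.rstrip(".") not in ALLOWED_HOSTS:
        return False, f"host not in allowlist: {host}"
    try:
        addrs = list(resolver(host))
    except OSError as exc:
        return False, f"resolution failed: {exc}"
    if not addrs:
        return False, "host resolved to no addresses"
    bad = [a for a in addrs if not is_public_address(a)]
    if bad:
        return False, f"host resolves to non-public address(es): {', '.join(bad)}"
    return True, "ok"


def audit_spec(spec, resolver: Resolver = default_resolver, path: str = "$") -> list[tuple[str, str, str]]:
    """Walk a parsed JSON spec; return (json_path, url, reason) for every
    URL-looking string that check_remote_url rejects."""
    problems: list[tuple[str, str, str]] = []
    if isinstance(spec, dict):
        for key, value in spec.items():
            problems += audit_spec(value, resolver, f"{path}.{key}")
    elif isinstance(spec, list):
        for i, value in enumerate(spec):
            problems += audit_spec(value, resolver, f"{path}[{i}]")
    elif isinstance(spec, str) and spec.lower().startswith(("http://", "https://")):
        ok, reason = check_remote_url(spec, resolver)
        if not ok:
            problems.append((path, spec, reason))
    return problems


if __name__ == "__main__":
    # Constructed DNS table and spec. The metadata-service URL and the API host
    # that also resolves to loopback are the two cases that must be caught.
    resolver = table_resolver({
        "images.example.com": ["93.184.216.34"],
        "api.example.com": ["198.41.0.4", "127.0.0.1"],
    })
    spec = {
        "background": "https://images.example.com/bg.png",
        "news_api": "https://api.example.com/hot",
        "logo": "https://169.254.169.254/latest/meta-data/",
    }
    for json_path, url, reason in audit_spec(spec, resolver):
        print(f"{json_path}: {url} -> {reason}")
```

Two caveats for anyone wiring this into a renderer. Checking the resolved addresses before the fetch does not bind the later connection to those addresses, so a DNS rebinding attacker can still pass the check and then answer with 127.0.0.1 on the real lookup; the complete fix is to connect to the vetted address and send the Host header yourself, or to put the fetch behind an egress proxy that enforces the same rules. And HTTP clients follow redirects by default, so either disable redirects or run check_remote_url on every hop, and cap the bytes you are willing to read into the SVG.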

Unpinned Dependencies

Severity
Low
Category
Supply Chain
Content
resvg_py>=0.2.6
Pillow>=10.0.0
Confidence
93%
Finding
resvg_py>=0.2.6 sets only a lower bound, so each fresh install resolves to whatever the newest matching release is at that moment. Two installs are not guaranteed to be identical, and a later or compromised resvg_py release would be pulled in without review.

Unpinned Dependencies

Severity
Low
Category
Supply Chain
Content
resvg_py>=0.2.6
Pillow>=10.0.0
Confidence
97%
Finding
Pillow>=10.0.0 sets only a lower bound, so each fresh install resolves to whatever the newest matching release is at that moment. Two installs are not guaranteed to be identical, and a later or compromised Pillow release would be pulled in without review.
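The check behind both unpinned-dependency findings is mechanical and worth running on any skill before installing it: a requirement is reproducible only when it has a single exact pin (==X or ===X, no wildcard) and, for pip's --require-hashes mode, a --hash option. The following is an added example, not SkillSpector's or the skill's own code; REQUIREMENTS is constructed from the two Content lines above, and the hash in the demo comments is a placeholder, not a real digest.

```python
"""Flag requirement lines that a fresh install could resolve differently (added example)."""
import re

# Constructed from the two Content lines in the findings above.
REQUIREMENTS = """\
resvg_py>=0.2.6
Pillow>=10.0.0
"""

# name, optional [extras], then the rest (version specifier and/or options)
_REQ_RE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)(\[[^\]]*\])?\s*(.*)$")
# exact pin: a single ==X or ===X clause with no wildcard
_PIN_RE = re.compile(r"^===?\s*[^*\s]+$")


def parse_requirement(line: str):
    """Return (name, specifier, has_hash), or None for lines that carry no
    package requirement (blank, comment, -r/-c/--option, URL or local path)."""
    body = line.split("#", 1)[0].strip()
    if not body or body.startswith(("-", "http://", "https://", "git+", ".", "/")):
        return None
    has_hash = "--hash=" in body
    body = body.split("--hash=", 1)[0]        # drop hash options
    body = body.split(";", 1)[0].strip()      # drop environment markers
    match = _REQ_RE.match(body)
    if not match:
        return None
    name, _extras, spec = match.groups()
    return name, spec.replace(" ", ""), has_hash


def find_unpinned(text: str) -> list[dict]:
    """One finding per requirement that is not an exact pin with a hash:
    a range (>=, ~=, <, ==X.*), no specifier at all, or a pin without --hash."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        parsed = parse_requirement(line.rstrip("\\"))
        if parsed is None:
            continue
        name, spec, has_hash = parsed
        clauses = [c for c in spec.split(",") if c]
        if not clauses:
            problem = "not pinned (no version specifier)"
        elif len(clauses) != 1 or not _PIN_RE.match(clauses[0]):
            problem = f"not pinned (specifier {spec!r} allows a range)"
        elif not has_hash:
            problem = "pinned but no --hash"
        else:
            continue
        findings.append({"line": lineno, "name": name, "spec": spec, "problem": problem})
    return findings


if __name__ == "__main__":
    # Expected: both lines flagged as "not pinned".
    for f in find_unpinned(REQUIREMENTS):
        print(f"line {f['line']}: {f['name']} {f['spec']}: {f['problem']}")
    # A line such as "Pillow==10.4.0 --hash=sha256:<placeholder>" would pass;
    # "Pillow==10.4.0" alone is reported as "pinned but no --hash".
```

In practice you generate the pinned, hashed file rather than writing it by hand (pip-tools' pip-compile --generate-hashes does this) and install with pip install --require-hashes -r requirements.txt, which refuses any line this function would flag.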

VirusTotal

58/58 vendors flagged this skill as clean.