Security audit

54VVIP Provider

Security checks across malware telemetry and agentic risk

Overview

The plugin mostly does what it claims, but it can automatically write image-generation error details to /tmp, which may expose prompts or provider diagnostics on the local machine.

Review before installing if you may use confidential prompts or images. Treat 54VVIP as an external service, avoid private or regulated media unless approved, and be aware that failed image requests may leave diagnostic JSON files under /tmp or LOG_DIR that should be deleted or protected.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 88%
Finding
This provider writes request/debug artifacts and server error responses to the local filesystem, which is unnecessary for core image-generation behavior and can expose sensitive operational data. Even though the API key is redacted in the debug request file, logged URLs, request bodies, response headers, and error bodies may contain prompts, internal endpoints, provider metadata, or other sensitive data that can be read by other local users or later exfiltrated.

Missing User Warnings

Medium
Confidence: 91%
Finding
The guide explicitly encourages passing local file paths and public URLs as image inputs to an external image generation tool, but it does not warn that those images may be uploaded to or fetched by a third-party service. This can lead users to submit sensitive local images or internal-only resources without understanding the data disclosure implications, creating privacy and confidentiality risk rather than direct code execution.

Missing User Warnings

Medium
Confidence: 93%
Finding
On HTTP errors, the code persists the provider's response body and headers to disk and includes the dump path in the thrown error. This can leak sensitive content from upstream responses, including user prompts, provider diagnostics, account identifiers, or transient tokens, and the risk is increased because LOG_DIR defaults to /tmp, a commonly shared location on multi-user systems.

VirusTotal

63/63 vendors flagged this plugin as clean.