ClawHub

ImageCompress

Security checks across malware telemetry and agentic risk

Overview

The skill does compress selected images as advertised, but it uses browser/client spoofing against TinyPNG/Tinify web endpoints and can overwrite originals, so users should review it before installing.

Install only if you are comfortable sending selected images to TinyPNG/Tinify servers and with a tool that simulates browser requests rather than using the official API. Avoid private or sensitive images, avoid heavy automated use, and use --overwrite only after keeping backups.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
96% confidence
Finding
The skill explicitly performs network operations against tinypng.com/tinify.cn but does not declare any corresponding permission or capability boundary. Undeclared outbound network access is dangerous because users and host systems cannot accurately assess data exfiltration risk, especially here where local image files are uploaded to a third-party service for processing.

Intent-Code Divergence

Medium
Confidence
98% confidence
Finding
The function deliberately forges browser-like and client-origin headers, including randomized User-Agent values and fake X-Forwarded-For IPs, to make requests look like they come from different clients. This is an evasion mechanism rather than a compression requirement, and it increases abuse potential by helping bypass service controls or attribution.

Context-Inappropriate Capability

High
Confidence
99% confidence
Finding
The code contains explicit anti-rate-limit evasion behavior: a pool of rotating User-Agent strings, forged client IP headers, retry logic, and request spacing designed to keep using a free web endpoint while avoiding restriction. In the context of an image compression skill, this is unjustified and can facilitate abuse of a third-party service or violation of its access controls and terms.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill uploads full image contents to TinyPNG/Tinify third-party servers, but the top-level description emphasizes convenience and free use without clearly warning users that their files leave the local machine. This creates a privacy and data-handling risk, especially if users compress sensitive screenshots, documents, or proprietary images.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The documented overwrite mode enables irreversible replacement of the original file, and the implementation writes directly to the source path with no confirmation, backup, or atomic temp-file swap. If compression output is bad, truncated, or downloaded incorrectly, the user can lose the original asset permanently.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal