Generate images & videos with: Gemini 3 Pro Image + Qwen Wan 2.6 (video) via one API key

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward AIsa media-generation helper that uses a declared API key, sends generation requests to AIsa, and saves user-requested outputs locally.

Install only if you trust AIsa and the publisher with your prompts, reference image URLs, task IDs, and API usage. Prefer the AISA_API_KEY environment variable over passing keys on the command line, monitor billing or quota, and use --download only for expected generated media paths.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Taint Tracking: Direct Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Tainted flow: 'req' from os.environ.get (line 65, credential/environment) → urllib.request.urlopen (network output)

Critical
Category: Data Flow
Content:
    os.makedirs(os.path.dirname(out_path) or ".", exist_ok=True)
    req = urllib.request.Request(url, headers={"User-Agent": "OpenClaw-Media-Gen/1.0"})
    try:
        with urllib.request.urlopen(req, timeout=timeout_s) as resp, open(out_path, "wb") as f:
            total = 0
            while True:
                chunk = resp.read(1024 * 1024)  # 1MB
Confidence: 88%
Finding:
with urllib.request.urlopen(req, timeout=timeout_s) as resp, open(out_path, "wb") as f:

Lp3

Medium
Category: MCP Least Privilege
Confidence: 86%
Finding:
The skill metadata declares required environment variables and binaries and clearly documents network calls to external APIs, but the finding indicates these capabilities are not reflected in an explicit permissions model. That creates a trust and review gap: users may not realize the skill reads secrets from the environment and transmits prompts and referenced media to third-party services.

Missing User Warnings

Low
Confidence: 78%
Finding:
The README states that generated image data is automatically saved to a local file and that video output can be auto-downloaded, but it does not prominently warn users about filesystem modifications. This can lead to unexpected writes, overwriting of files, or use in automation contexts where silent local changes are risky.

VirusTotal

64/64 vendors flagged this skill as clean.
