Back to skill

Security audit

Generate images & videos with: Gemini 3 Pro Image + Qwen Wan 2.6 (video) via one API key

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward AIsa media-generation helper that sends user prompts and reference image URLs to the declared AIsa API and saves requested outputs locally.

Install only if you trust AIsa and the publisher with your prompts, reference image URLs, task IDs, and API usage. Prefer AISA_API_KEY via the environment, avoid submitting secrets or private/internal URLs, monitor any paid quota, and use --download only for expected generated media paths.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Taint TrackingDirect Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Tainted flow: 'req' from os.environ.get (line 65, credential/environment) → urllib.request.urlopen (network output)

Critical
Category
Data Flow
Content
os.makedirs(os.path.dirname(out_path) or ".", exist_ok=True)
    req = urllib.request.Request(url, headers={"User-Agent": "OpenClaw-Media-Gen/1.0"})
    try:
        with urllib.request.urlopen(req, timeout=timeout_s) as resp, open(out_path, "wb") as f:
            total = 0
            while True:
                chunk = resp.read(1024 * 1024)  # 1MB
Confidence
86% confidence
Finding
with urllib.request.urlopen(req, timeout=timeout_s) as resp, open(out_path, "wb") as f:

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill declares required binaries and an API key in metadata, and the documentation clearly instructs users to invoke networked Python/curl commands, but it does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: an agent or user may authorize the skill without understanding that it can read environment secrets and send data to an external service.

Missing User Warnings

Low
Confidence
86% confidence
Finding
The README instructs users to send prompts and image URLs to a third-party API and to auto-download generated media locally, but it does not clearly warn about data disclosure, remote processing, or local file writes. In a media-generation skill, this omission can lead users to unknowingly transmit sensitive prompts or private image URLs and save untrusted output files to disk.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill description promotes media generation but does not explicitly warn that prompts and referenced image URLs are transmitted to AIsa and that generated outputs may be saved locally. This omission can cause users to unknowingly send sensitive prompts, private URLs, or regulated content to a third party and persist outputs on disk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.