Back to skill

Security audit

AIsa Media Gen

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward AIsa media-generation helper that sends user prompts to the AIsa API and saves generated media only when invoked.

Install only if you trust AIsa and the publisher with your prompts, referenced image URLs, task IDs, and AISA_API_KEY. Avoid submitting secrets or private media references, keep the API key out of logs and committed files, and use explicit output paths because generated media may be saved or overwritten locally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Taint TrackingDirect Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Tainted flow: 'req' from os.environ.get (line 65, credential/environment) → urllib.request.urlopen (network output)

Critical
Category
Data Flow
Content
os.makedirs(os.path.dirname(out_path) or ".", exist_ok=True)
    req = urllib.request.Request(url, headers={"User-Agent": "OpenClaw-Media-Gen/1.0"})
    try:
        with urllib.request.urlopen(req, timeout=timeout_s) as resp, open(out_path, "wb") as f:
            total = 0
            while True:
                chunk = resp.read(1024 * 1024)  # 1MB
Confidence
88% confidence
Finding
with urllib.request.urlopen(req, timeout=timeout_s) as resp, open(out_path, "wb") as f:

Missing User Warnings

Low
Confidence
85% confidence
Finding
The documentation states that client scripts automatically save generated files locally and can auto-download an MP4, but it does not prominently warn users that running the commands will modify the local filesystem. In an agent or automation context, implicit writes can surprise users, overwrite files, or place unreviewed content on disk.

Missing User Warnings

Low
Confidence
88% confidence
Finding
The skill instructs users to export an API key but does not label it as sensitive or warn against logging, sharing, or hardcoding it. This increases the risk of credential exposure through shell history, screenshots, copied session logs, or accidental publication.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.