Security audit

pic-gen

Security checks across malware telemetry and agentic risk

Overview

This image-generation skill is coherent and disclosed, but users should handle API keys and dependencies carefully.

Install in an isolated environment, prefer environment variables over saving API keys in config/models.yaml, avoid sharing that config file after adding real keys, and consider pinning reviewed dependency versions before regular use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings
Severity: Medium
Confidence: 95%
Finding: The skill explicitly instructs the bot to accept API keys in chat and persist them into config/models.yaml, creating a secret-handling risk. Persisting secrets from conversational input can expose them through logs, transcripts, file sync, backups, repo commits, or later readback if access controls are weak.

Unpinned Dependencies
Severity: Low
Category: Supply Chain
Content:
requests>=2.28.0
pyyaml>=6.0
banana-dev>=1.0.0
Confidence: 96%
Finding: requests>=2.28.0

Unpinned Dependencies
Severity: Low
Category: Supply Chain
Content:
requests>=2.28.0
pyyaml>=6.0
banana-dev>=1.0.0
Confidence: 98%
Finding: pyyaml>=6.0

Unpinned Dependencies
Severity: Low
Category: Supply Chain
Content:
requests>=2.28.0
pyyaml>=6.0
banana-dev>=1.0.0
Confidence: 89%
Finding: banana-dev>=1.0.0

Known Vulnerable Dependency: requests — 10 advisory(ies): CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests); CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi) +7 more
Severity: High
Category: Supply Chain
Confidence: 91%
Finding: requests

Known Vulnerable Dependency: pyyaml — 8 advisory(ies): CVE-2019-20477 (Deserialization of Untrusted Data in PyYAML); CVE-2020-1747 (Improper Input Validation in PyYAML); CVE-2020-14343 (Improper Input Validation in PyYAML) +5 more
Severity: Critical
Category: Supply Chain
Confidence: 97%
Finding: pyyaml

VirusTotal

67/67 vendors flagged this skill as clean.