ClawHub

Wallpaper Claw Skill

Security checks across malware telemetry and agentic risk

Overview

This is a small wallpaper-generation skill that sends user prompts and an API token to a disclosed third-party image service, with no evidence of hidden persistence, local data harvesting, or destructive behavior.

Install only if you are comfortable sending wallpaper prompts, optional reference IDs, and a Neta/TalesOfAI API token to api.talesofai.com. Use a revocable service-specific token, avoid passing tokens on shared machines or in logged terminals/CI, and rotate the token if it may have appeared in shell history or logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (9)

Lp3

Medium
Category
MCP Least Privilege
Confidence
82% confidence
Finding
The skill advertises only basic usage metadata in SKILL.md, yet the associated capability profile indicates outbound network access without an explicit permission declaration. Hidden or undeclared network behavior reduces transparency for users and reviewers, and can enable unexpected data exfiltration or calls to third-party services when prompts or tokens are supplied.

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
The documented purpose says the skill uses the Neta API for wallpaper generation, but the analysis indicates different external endpoints and additional behaviors not disclosed to the user. This kind of description/behavior mismatch is dangerous because it can conceal data flows, mislead users into sending prompts or API tokens to an unexpected service, and indicate the skill is doing more than its stated function.

Description-Behavior Mismatch

Medium
Confidence
99% confidence
Finding
The skill metadata says it uses the Neta AI image generation API, but the implementation actually sends requests to api.talesofai.com. This is a real integrity and transparency issue because users may provide prompts and API tokens under false assumptions about the service receiving them, increasing the risk of credential misuse or undisclosed third-party data sharing.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README explicitly instructs users to supply an API token via a command-line flag, which can expose the credential through shell history, process listings, terminal logging, or screenshots. This is a real security weakness in documentation because users commonly copy-paste these commands, and the token grants access to a third-party API service.

Vague Triggers

Medium
Confidence
74% confidence
Finding
The invocation guidance is broad enough to trigger on common user requests such as 'generate' or 'create' wallpaper images, which can cause the skill to activate in situations the user did not explicitly intend. In a networked skill that accepts prompts and API tokens, overly loose triggering increases the chance of unintended external requests and accidental disclosure of user-supplied data.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The script requires the API token to be passed via the command line (`--token`) and then reuses it in request headers. Command-line arguments are commonly exposed through shell history, process listings, job logs, and orchestration tooling, so other local users or monitoring systems may capture the credential and reuse it against the remote API.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The code transmits both the user prompt and the provided token to an external API, but there is no user-facing disclosure in the skill itself that this data will leave the local environment and be sent to talesofai.com. In a skill context, undisclosed outbound transmission of user content and credentials is security-relevant because users may unknowingly expose sensitive prompts or reuse tokens not meant for this service.

External Transmission

Medium
Category
Data Exfiltration
Content
}

// --- Submit job ---
const makeRes = await fetch("https://api.talesofai.com/v3/make_image", {
  method: "POST",
  headers,
  body: JSON.stringify(body),
Confidence
84% confidence
Finding
fetch("https://api.talesofai.com/v3/make_image", { method: "POST"

External Transmission

Medium
Category
Data Exfiltration
Content
}

// --- Submit job ---
const makeRes = await fetch("https://api.talesofai.com/v3/make_image", {
  method: "POST",
  headers,
  body: JSON.stringify(body),
Confidence
84% confidence
Finding
https://api.talesofai.com/

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal