庄的配图创作 Master

Security checks across malware telemetry and agentic risk

Overview

This skill is an infochart prompt helper whose behaviour is disclosed in its documentation, with optional fal.ai image generation after user approval; the main cautions are third-party prompt processing and locally stored run metadata.

Install it only if you are comfortable with approved image-generation prompts, and any optional reference image URLs, being sent to fal.ai or a configured compatible provider. Do not put confidential business text or personal data in prompts unless you accept that processing; protect any API key added to config.json; and avoid sharing the run folder, which can contain prompts, provider URLs, and generation metadata.
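The run-folder caution above is easier to act on with a check that says what is actually in the folder before it leaves your machine. The following is an added example (not the skill's own code): it reports which files hold prompts, provider URLs or credential-looking values, and returns a redacted copy of the metadata. The folder layout (prompt.txt plus meta.json), the file contents and the endpoint in them are constructed for illustration; real run folders may differ.

```python
"""Added example, not the skill's own code: audit a generation run folder
before sharing it. The folder layout (prompt.txt plus meta.json) and all
file contents below are constructed sample data."""
import json
import re
import tempfile
from pathlib import Path

# Assumption: credential-bearing JSON keys match one of these names.
SECRET_KEY = re.compile(r"(api[_-]?key|token|secret|authorization)", re.IGNORECASE)
URL = re.compile(r"https?://[^\s\"']+")
PROMPT_FILES = {"prompt.txt"}          # assumption: where the skill stores approved prompts

def _keys(obj):
    """Yield every dict key in a parsed JSON document, recursively."""
    if isinstance(obj, dict):
        for k, v in obj.items():
            yield k
            yield from _keys(v)
    elif isinstance(obj, list):
        for v in obj:
            yield from _keys(v)

def scan_run_folder(run_dir: Path) -> dict:
    """Map each file (relative path) to the sorted categories of sensitive content it holds."""
    findings = {}
    for path in sorted(p for p in run_dir.rglob("*") if p.is_file()):
        text = path.read_text(encoding="utf-8", errors="replace")
        cats = set()
        if path.name in PROMPT_FILES:
            cats.add("prompt")          # prompt text may carry confidential business content
        if URL.search(text):
            cats.add("provider_url")    # reveals which provider/endpoint was used
        if path.suffix == ".json":
            try:
                if any(SECRET_KEY.search(k) for k in _keys(json.loads(text))):
                    cats.add("credential")
            except json.JSONDecodeError:
                pass                    # not JSON after all; URL/prompt checks still apply
        if cats:
            findings[path.relative_to(run_dir).as_posix()] = sorted(cats)
    return findings

def redact(obj):
    """Return a copy with credential-keyed values and URLs replaced; other fields unchanged."""
    if isinstance(obj, dict):
        return {k: ("[REDACTED]" if SECRET_KEY.search(k) else redact(v)) for k, v in obj.items()}
    if isinstance(obj, list):
        return [redact(v) for v in obj]
    if isinstance(obj, str):
        return URL.sub("[URL]", obj)
    return obj

def redacted_metadata(run_dir: Path, name: str = "meta.json") -> dict:
    """Load one metadata file from the run folder and return its redacted form."""
    return redact(json.loads((run_dir / name).read_text(encoding="utf-8")))

def make_sample_run() -> Path:
    """Create a constructed run folder in a temp dir (sample data, not a real run)."""
    run = Path(tempfile.mkdtemp(prefix="run_"))
    (run / "prompt.txt").write_text(
        "Infochart: Q3 revenue split for Acme Corp (internal only)", encoding="utf-8")
    meta = {
        "provider": "https://fal.run/example-model",      # constructed endpoint, not a real model path
        "api_key": "fal-EXAMPLE-NOT-A-REAL-KEY",
        "request": {"id": "req_123",
                    "headers": {"Authorization": "Key fal-EXAMPLE-NOT-A-REAL-KEY"}},
    }
    (run / "meta.json").write_text(json.dumps(meta), encoding="utf-8")
    return run

if __name__ == "__main__":
    sample = make_sample_run()
    print(json.dumps(scan_run_folder(sample), indent=2))
    print(json.dumps(redacted_metadata(sample), indent=2))
```

The prompt file is only flagged, not rewritten: whether a prompt is shareable depends on what the user typed, so the tool leaves that decision to a human rather than guessing. Credentials and endpoints are redacted by key name and URL shape, which catches the common cases but will miss a key stored under an unusual field name; treat the report as a floor, not a guarantee.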

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 91%
Finding
The skill documentation instructs the agent to perform file reads, file writes, network access, and potentially use environment/config-based credentials, yet no explicit permission boundary is declared. This creates a capability mismatch where a reviewer or runtime may underestimate what the skill can do, increasing the risk of unintended data access, persistence, or external calls.

Context-Inappropriate Capability

Severity: Medium
Confidence: 94%
Finding
The fallback path expands the skill from prompt authoring into making external network requests using user-supplied API credentials from config.json. That broadens the trust boundary: prompts and possibly image-edit inputs may be sent to a third-party provider, which can expose sensitive user content or incur unauthorized usage if the behavior is not clearly declared and constrained.
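Both findings describe the same underlying check: what a skill's instructions tell the agent to do versus what the skill declares it needs. The following is an added example, not part of the SkillSpector report or of the skill's own code. It infers implied capabilities (file I/O, outbound network, credential use) from instruction text with keyword heuristics and compares them with a declared permission list, flagging undeclared ones and wildcard declarations. The manifest shape ({"permissions": [...]}), the capability names and the sample instructions are constructed assumptions, not the marketplace's real format.

```python
"""Added example; not part of the SkillSpector report or the skill's own code.
Infers which capabilities a skill's instructions imply and compares them with
the permissions the skill declares. Manifest shape, capability names and the
sample instructions are constructed assumptions."""
import json
import re

# Heuristic phrase -> capability map (assumption: a real scanner would use a richer model).
CAPABILITY_PATTERNS = {
    "fs.read": [r"\bread(?:s|ing)?\b.*\b(?:file|folder|directory)\b"],
    "fs.write": [r"\b(?:write|writes|writing|save|saves|saving)\b.*\bto\b"],
    "net.outbound": [r"\bhttps?://",
                     r"\b(?:upload|send|post)(?:s|ing)?\b.*\b(?:to|provider|api|endpoint)\b"],
    "secrets.config": [r"\b(?:api[_ ]?key|token|secret)s?\b.*\bconfig\.json\b",
                       r"\bconfig\.json\b.*\b(?:api[_ ]?key|token|secret)s?\b"],
    "secrets.env": [r"\bos\.environ\b", r"\benvironment variables?\b", r"\$[A-Z_]{3,}\b"],
}

def infer_capabilities(instructions: str) -> dict:
    """Return {capability: [instruction lines that imply it]}."""
    evidence = {}
    for line in instructions.splitlines():
        for cap, patterns in CAPABILITY_PATTERNS.items():
            if any(re.search(p, line, re.IGNORECASE) for p in patterns):
                evidence.setdefault(cap, []).append(line.strip())
    return evidence

def audit(instructions: str, manifest: dict) -> dict:
    """Compare implied capabilities with manifest['permissions'].

    A wildcard '*' declaration is reported separately and still counts every
    implied capability as undeclared, because it names nothing a reviewer can
    check against."""
    declared = set(manifest.get("permissions", []))
    evidence = infer_capabilities(instructions)
    wildcard = "*" in declared
    undeclared = sorted(cap for cap in evidence if wildcard or cap not in declared)
    return {"wildcard": wildcard, "undeclared": undeclared, "evidence": evidence}

# Constructed sample: a prompt helper whose fallback step adds network and credential use.
# Step 1 reads conversational input, not a file, so it is deliberately not counted as fs.read.
SAMPLE_INSTRUCTIONS = """\
Step 1: Read the user's brief and draft an infochart prompt for approval.
Step 2: Read any reference image file the user attached from the run folder.
Step 3: Save the approved prompt to the run folder as prompt.txt.
Step 4 (fallback): If the user approves generation, POST the prompt and reference image URL to https://fal.run/ using the api_key stored in config.json.
Step 5: Write generation metadata (provider URL, request id) to run/meta.json.
"""
# Constructed manifest that declares only the file-system side of what the steps do.
SAMPLE_MANIFEST = {"name": "infochart-helper", "permissions": ["fs.read", "fs.write"]}

if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE_INSTRUCTIONS, SAMPLE_MANIFEST), indent=2))
```

Run against the sample, the audit reports net.outbound and secrets.config as undeclared, which is exactly the mismatch the two findings describe: the declared scope covers the prompt-authoring path but not the fallback that sends data to a provider with a key from config.json. Keyword heuristics of this kind produce false positives and negatives, so the evidence lines are returned with each capability for a reviewer to confirm.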

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal