ClawHub

Retro Travel Poster Generator

Security checks across malware telemetry and agentic risk

Overview

This image-generation skill appears purpose-aligned, but it is under-disclosed because it advertises one provider while sending prompts and tokens to a different external domain.

Review before installing. Only use this skill if you are comfortable sending prompts, optional reference identifiers, and the API token to api.talesofai.com. Do not provide sensitive prompts or credentials until the publisher fixes the documentation/implementation mismatch and clearly states the destination domain and data sent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill declares only Bash tooling and does not transparently declare that it performs network access, yet it requires an API token and uses an external image-generation service. Hidden or undeclared network behavior reduces auditability and informed consent, making it easier for the skill to transmit prompts, tokens, or metadata to third-party infrastructure without clear permission boundaries.

Tp4

High
Category
MCP Tool Poisoning
Confidence
97% confidence
Finding
The documented behavior says the skill uses the Neta API, but the analysis indicates it actually communicates with api.talesofai.com and uses platform headers inconsistent with the stated provider. This mismatch is dangerous because users may disclose API tokens, prompts, or reference-image identifiers under false assumptions about the receiving service, creating a supply-chain and data-exfiltration risk; support for --ref also expands behavior into image/reference-based editing beyond the plainly stated purpose.

Description-Behavior Mismatch

Medium
Confidence
98% confidence
Finding
The skill description claims it uses the Neta API, but the code actually sends prompts and bearer-like tokens to talesofai.com using Tales/Nieta-specific headers. This mismatch is dangerous because users may provide credentials under false assumptions, causing inadvertent disclosure of prompts and authentication material to a different service than advertised.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The code transmits the user's prompt and token to a remote third-party API without any explicit runtime warning or confirmation. In a skill context, prompts may contain sensitive business or personal data, and the token is a secret credential, so silent outbound transmission creates privacy and credential-handling risk.

External Transmission

Medium
Category
Data Exfiltration
Content
if (ref) {
    body.inherit_params = { collection_uuid: ref, picture_uuid: ref };
  }
  const res = await fetch('https://api.talesofai.com/v3/make_image', {
    method: 'POST',
    headers: {
      'x-token': token,
Confidence
87% confidence
Finding
fetch('https://api.talesofai.com/v3/make_image', { method: 'POST'

External Transmission

Medium
Category
Data Exfiltration
Content
if (ref) {
    body.inherit_params = { collection_uuid: ref, picture_uuid: ref };
  }
  const res = await fetch('https://api.talesofai.com/v3/make_image', {
    method: 'POST',
    headers: {
      'x-token': token,
Confidence
87% confidence
Finding
https://api.talesofai.com/

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal