Colormind

Security checks across malware telemetry and agentic risk

Overview

This palette skill is transparent about sending color data to Colormind over plain HTTP and using ImageMagick for optional image sampling, so it is acceptable for non-sensitive use.

Install only if you are comfortable sending palette colors and image-derived RGB values to colormind.io over unencrypted HTTP. Do not use it with private photos, confidential design work, proprietary brand colors, or untrusted images unless you add sandboxing and keep ImageMagick patched.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Description-Behavior Mismatch

Medium
Confidence: 82%
Finding
The security notes document an image-processing capability that materially expands the skill's behavior beyond the manifest's API-only description. This mismatch can cause operators, reviewers, or policy engines to grant the skill broader file-processing access than expected, increasing the risk of unsafe local image handling, ImageMagick exposure, and unintended data exfiltration via derived color data.

Description-Behavior Mismatch

Low
Confidence: 77%
Finding
The documented architecture introduces multiple local scripts, temporary JSON files, and image-processing steps that are absent from the narrower manifest description. Even if the code is not overtly malicious, undocumented components reduce transparency and can bypass expected trust boundaries, making review, sandboxing, and least-privilege enforcement less effective.

Missing User Warnings

Medium
Confidence: 92%
Finding
The script transmits user-provided palette input and model selection to an external third-party API without any explicit warning or consent prompt. In skill/agent contexts, undisclosed outbound transmission can expose user-supplied data to external services, which is especially concerning because the endpoint uses plain HTTP rather than HTTPS, allowing interception or tampering in transit.

Missing User Warnings

Medium
Confidence: 95%
Finding
The script derives color data from a user-supplied image and transmits that data to the external Colormind service, but this file provides no warning, consent prompt, or privacy notice about that outbound data flow. Even though only palette/base-color information is sent rather than the full image, derived image features can still reveal information about user content and create an unexpected third-party disclosure.

External Transmission

Medium
Category: Data Exfiltration
Content
body.input = inputSlots.map(parseSlot);
}

const resp = await fetch("http://colormind.io/api/", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify(body),
Confidence: 97%
Finding
fetch("http://colormind.io/api/", { method: "POST"

VirusTotal

66/66 vendors flagged this skill as clean.
