Materials Workbench

Security checks across malware telemetry and agentic risk

Overview

The skill mostly matches its stated purpose as a local AI image workbench, but it needs review: its core AI behavior lives in local code that is not bundled with the skill, and that code handles API credentials and uploads images to a third-party service.

Install only if you are comfortable running a local dev server that uses your OpenAI-compatible API key and may upload attached images to PICUI. Before use: review or vendor the missing local dependencies, keep the server bound to localhost, avoid sensitive or proprietary images unless you trust both PICUI and the configured AI provider, and upgrade Vite past the advisories listed below.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill metadata declares required environment variables and implicitly enables networked behavior via an Express/OpenAI-backed server, but it does not declare corresponding permissions in a structured, explicit way. This creates a transparency and governance gap: users or orchestration systems may not understand that the skill can access secrets and communicate externally, increasing the chance of unintended secret exposure or network use.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The README states that attached images are uploaded to PICUI and URLs are passed to the agent, but it does not prominently warn about the privacy and data-handling implications of sending user-provided materials to a third-party service. In a tool intended for uploading arbitrary materials, this can lead users to unknowingly transmit sensitive or proprietary images off-system.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill states that AI-assisted schema generation requires an OpenAI API key, but it does not disclose that user-provided schema/content data may be transmitted to an external API for processing. In this context, users may paste proprietary designs, prompts, or embedded content into the workbench, so the lack of disclosure can lead to unintentional third-party data sharing and compliance/privacy issues.

Known Vulnerable Dependency: vite==5.4.10 — 10 advisory(ies): CVE-2025-32395 (Vite has an `server.fs.deny` bypass with an invalid `request-target`); CVE-2025-31125 (Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query); CVE-2026-39365 (Vite Vulnerable to Path Traversal in Optimized Deps `.map` Handling) +7 more

Low
Category
Supply Chain
Confidence
92% confidence
Finding
vite==5.4.10

VirusTotal

66/66 vendors flagged this skill as clean.
