Image Prompt

Security checks across malware telemetry and agentic risk

Overview

This is a local image-prompt helper, with the main caveat that prompts and command history are stored in plain text on the user's machine.

Install only if you are comfortable with prompt names, prompt text, and command history being kept locally in plain text under $HOME/.image-prompt or IMAGE_PROMPT_DIR. Avoid saving confidential client details, secrets, or proprietary concepts unless that local storage location is appropriate for your environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Medium, 92% confidence

Finding: The script silently creates persistent storage for prompts and a history log at startup, even though the skill is presented primarily as a prompt generator/optimizer. This can capture user-supplied prompts and activity over time without clear disclosure, which is a privacy and data-minimization issue, especially if prompts contain sensitive or proprietary content.

Missing User Warnings

Low, 87% confidence

Finding: The skill states that prompts and command history are stored locally, but it does not provide an explicit privacy warning, consent mechanism, retention policy, or guidance about sensitive content. Users may unknowingly persist confidential prompts or proprietary ideas in plain text under their home directory, increasing exposure to other local users, backups, or forensic recovery.

Missing User Warnings

Medium, 96% confidence

Finding: User prompts and activity are persistently written to local files without any user-facing warning or consent flow. Because prompts may contain confidential creative ideas, internal project details, or sensitive text, silent retention increases the risk of unintended disclosure to other local users, backups, or later compromise of the host.

VirusTotal

64/64 vendors flagged this skill as clean.