GPT-4o-image

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward PoYo image-generation helper: it submits user-provided image job requests to PoYo using a declared API key.

Install only if you want your agent to submit image generation or editing jobs to PoYo. Prefer setting POYO_API_KEY in the environment instead of passing it on the command line, review the JSON payload before submission, and avoid sending private prompts, sensitive images, internal image URLs, or callback URLs unless you are comfortable sharing them with PoYo.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
84% confidence
Finding
The skill explicitly instructs use of shell tooling (`curl`) and references a submission script, yet no permissions are declared to constrain or disclose that capability. This creates an unsafe mismatch where network-capable shell execution may occur without clear governance, increasing the chance of unintended command execution or secret-bearing requests.

Tp4

High
Category
MCP Tool Poisoning
Confidence
93% confidence
Finding
The skill claims model-specific payload preparation and polling behavior, but the described implementation apparently just submits arbitrary JSON to an external endpoint. That mismatch is dangerous because users and orchestrators may trust the skill to enforce safe, model-specific constraints when in reality it can forward unvalidated data, potentially causing data leakage, misuse of the API, or unexpected external actions.

VirusTotal

64/64 vendors flagged this skill as clean.