ClawHub

DingJi Long Image

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed math-course image generator that saves and uploads generated PNGs to provide download links.

Install only if you are comfortable with generated images being saved locally and uploaded to obtain a shareable download link. Avoid including private student information, confidential course material, or sensitive branding unless sharing that content through the platform upload flow is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README explicitly states that generated images are uploaded to cloud storage and a download link is returned, but it does not disclose where data is sent, what provider is used, or whether user-provided content may leave the local environment. This creates a real privacy and data-handling risk, especially if users include proprietary teaching material, student data, or branded content in the generated image.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger phrases are broad enough to match ordinary image-generation requests, which can cause the skill to activate outside its intended educational context. That increases the chance of unintended file creation and downstream upload behavior being invoked for users who did not explicitly ask for this specific skill.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly writes output files to a fixed outbound path and uploads them via a file-transfer tool, but it does not clearly disclose these data-handling actions to the user before execution. This is risky because generated content may include sensitive educational materials, names, or proprietary content, and automatic upload expands exposure beyond local generation.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal