ClawHub

Dashscope Image Gen

Security checks across malware telemetry and agentic risk

Overview

This is a coherent DashScope image-generation skill with a small under-documented credential fallback, but no evidence of malicious or unrelated behavior.

Before installing, expect prompts to be sent to Alibaba DashScope and your DashScope account quota to be used. Set DASHSCOPE_API_KEY explicitly if you do not want the tool to fall back to ~/.openclaw/openclaw.json, keep the default base URL unless you trust another endpoint, and choose the --out path carefully because it will be overwritten if it already exists.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill instructs use of environment secrets, local script execution, file output, and outbound network access, but the skill metadata does not declare those capabilities. This creates a transparency and policy-enforcement gap: an agent or reviewer may approve or run the skill without understanding that it can access API keys, contact external services, and write files.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The script reaches outside its stated purpose by reading credentials from an unrelated local OpenClaw config file when no explicit DashScope key is provided. That expands the skill's trust boundary and allows it to silently consume secrets from another tool's configuration, which is risky in an agent context because users may not realize this skill can access unrelated local credentials.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal