Sideload Avatar Generator

Security checks across malware telemetry and agentic risk

Overview

This avatar skill appears purpose-aligned, but it needs review because it can upload any user-specified local file to Sideload.gg and can write downloads outside its intended output folder through an unchecked filename option.

Review before installing. Use only non-sensitive prompts and image files you intentionally want to send to Sideload.gg, probe the price first, and pass only a one-time scoped x402 payment token rather than wallet keys. Avoid path-like --output values such as ../name until filename confinement is fixed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence: 91%
Finding
The README encourages users to supply either a remote image URL or a local file path for avatar generation, but it does not clearly disclose that the image content will be sent to Sideload.gg for remote processing. This can lead users to upload sensitive personal photos or proprietary images without informed consent, creating privacy and data-handling risk even if the service is behaving as intended.

Missing User Warnings

Medium
Confidence: 94%
Finding
The API reference describes sending text prompts and externally hosted image URLs to Sideload.gg but does not clearly warn that user-supplied content is transmitted to a third-party service for processing. In an agent skill context, this can cause users or downstream integrators to unknowingly send sensitive prompts, private image links, or internal URLs to an external provider, creating privacy, data-handling, and trust risks.

Missing User Warnings

Medium
Confidence: 97%
Finding
The usage examples allow `--image /path/to/photo.jpg` but do not explicitly warn that a local file will be transmitted to Sideload.gg for remote processing. Users may reasonably assume a local image is processed locally, causing unintended disclosure of sensitive photos, personal documents, or proprietary artwork to a third party.

Missing User Warnings

Medium
Confidence: 92%
Finding
When a local file path is provided, the script reads the image and embeds its full contents in a data URL sent to the remote Sideload API. Although this is part of the feature, the script does not provide an explicit warning or confirmation that a local file will be uploaded off-host, which can lead to unintended disclosure of sensitive images if a user assumes processing is local.

VirusTotal

66/66 vendors flagged this skill as clean.
