Image Marketing Brochure

Security checks across malware telemetry and agentic risk

Overview

This skill is a brochure image-generation workflow that openly uses a third-party dLazy CLI and cloud API; the scans below found no artifact-backed evidence of hidden or destructive behavior.

Install only if you are comfortable using the third-party dLazy CLI, sending prompts and selected media files to dLazy cloud services, and storing or supplying a dLazy API key. Prefer running it via npx, and supplying the key through DLAZY_API_KEY, if you do not want a long-lived global install or a saved credential.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

Severity: Medium. Confidence: 90%.

Finding: The skill's stated purpose is a constrained brochure-design workflow, but later instructions in the skill file broaden execution into generic terminal-based image generation and sequential multi-image production. That mismatch can cause an agent to perform actions outside the narrowly described task boundary, increasing the risk of unsafe command execution and policy drift when user input is passed through CLI commands.

Intent-Code Divergence

Severity: Medium. Confidence: 86%.

Finding: The file describes a mandatory 'layout-first + confirmation' control, but later instructions tell the agent to draft and generate the first image after a separate confirmation flow. Contradictory control logic weakens the safety boundary because an agent may skip the intended approval checkpoint and proceed with generation based on the wrong artifact or phase.

Description-Behavior Mismatch

Severity: Medium. Confidence: 85%.

Finding: The skill expands from a brochure-design workflow into instructions to fetch external references and run a third-party CLI that performs remote generation. This creates data exfiltration and unreviewed external-command execution risk because user prompts and local media may be sent to outside services, which is more dangerous than a purely local design-planning skill would imply.

Intent-Code Divergence

Severity: High. Confidence: 96%.

Finding: The document says the skill itself will not access the network or filesystem, but later requires terminal execution of the dlazy CLI, which sends prompts to api.dlazy.com and uploads local files to files.dlazy.com. This is a material contradiction that can mislead operators into approving the skill under false assumptions about its data handling and system interaction.
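The fourth finding is the one an operator can verify mechanically before approving a skill: compare what the prose claims the skill will not touch against what its commands and referenced hosts actually imply. The following Python heuristic is an added example of that comparison; it is not SkillSpector's or dLazy's code. The skill text it scans is constructed for the example (only the hostnames api.dlazy.com and files.dlazy.com come from the finding; the npx invocation and its flags are hypothetical), and the rules are deliberately simple: a sentence with a negation next to "network" or "filesystem" counts as a claim, and URL hosts, network-fetching commands in fenced blocks, and path-like arguments count as evidence.

```python
"""Heuristic description-versus-behaviour check for an agent skill file.

Added example, not tooling from SkillSpector or dLazy. Input is markdown-style
skill text with prose and fenced shell blocks.
"""
import re

FENCE = "`" * 3  # markdown code fence, built here so it never appears literally

# Constructed sample (not the real skill file) reproducing the pattern in the
# finding: a "no network / no filesystem" claim next to a CLI step that uploads
# a local file and talks to remote hosts. The npx command line is hypothetical.
SAMPLE_SKILL = f"""\
# Brochure designer

This skill itself does not access the network or the filesystem.
It only helps you plan a layout and confirm it before generating.

## Generating the image

{FENCE}bash
npx dlazy generate --prompt "$PROMPT" --upload ./media/hero.png
{FENCE}

Requests go to https://api.dlazy.com and uploads go to https://files.dlazy.com.
"""

NEG_RE = re.compile(r"\b(?:does not|doesn't|will not|won't|never|cannot)\b", re.I)
RESOURCES = {
    "network": re.compile(r"\b(?:network|internet|remote services?)\b", re.I),
    "filesystem": re.compile(r"\b(?:file\s*system|disk|local files?)\b", re.I),
}
FENCE_RE = re.compile(FENCE + r"\w*\n(.*?)" + FENCE, re.S)
URL_HOST_RE = re.compile(r"https?://([A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+)")
# Commands that reach the network by design (package fetchers, downloaders).
NET_CMD_RE = re.compile(r"^\s*(?:sudo\s+)?(curl|wget|npx|npm|pip|pipx|git)\b")
# Path-like arguments (./x, ~/x, /x) handed to a command in a fenced block.
PATH_RE = re.compile(r"(?<![\w/])(?:\./|~/|/)[\w./-]+")


def stated_claims(text: str) -> set[str]:
    """Resources the prose says the skill does not use ('network', 'filesystem')."""
    prose = FENCE_RE.sub(" ", text)  # claims live in prose, not in code blocks
    claims: set[str] = set()
    for sentence in re.split(r"(?<=[.!?])\s+", prose):
        if NEG_RE.search(sentence):
            claims.update(name for name, rx in RESOURCES.items() if rx.search(sentence))
    return claims


def observed_behaviour(text: str) -> dict[str, set[str]]:
    """Evidence of network/filesystem use from referenced hosts and fenced commands."""
    evidence: dict[str, set[str]] = {"network": set(), "filesystem": set()}
    for host in URL_HOST_RE.findall(text):
        evidence["network"].add("host:" + host.lower())
    for block in FENCE_RE.findall(text):
        for line in block.splitlines():
            cmd = NET_CMD_RE.match(line)
            if cmd:
                evidence["network"].add("cmd:" + cmd.group(1))
            evidence["filesystem"].update("path:" + p for p in PATH_RE.findall(line))
    return {name: found for name, found in evidence.items() if found}


def find_mismatches(text: str) -> dict[str, list[str]]:
    """Claims contradicted by evidence, as {resource: sorted evidence strings}."""
    observed = observed_behaviour(text)
    return {r: sorted(observed[r]) for r in sorted(stated_claims(text)) if r in observed}


if __name__ == "__main__":
    for resource, evidence in find_mismatches(SAMPLE_SKILL).items():
        print(f"claims no {resource} access, but found: {', '.join(evidence)}")
```

On the constructed sample this reports both resources: the network claim is contradicted by the two dlazy hosts and the npx fetch, the filesystem claim by the local path handed to the upload flag. A real check would also resolve the CLI's own documented endpoints, since the contradiction in the finding comes from what the tool does rather than from hosts the skill text happens to mention.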

VirusTotal

0/46 vendors flagged this skill; all 46 reported it clean.

View on VirusTotal