ClawHub

Dlazy Seedream 5.0 Lite

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed third-party image-generation wrapper, but users should notice that it installs a mutable latest CLI and sends prompts, selected local files, and API-key-authenticated requests to dLazy.

Install only if you are comfortable using dLazy as a cloud image-generation provider. Review the current @dlazy/cli package before installing because this skill uses @latest, and avoid passing private local image paths unless you intend those files to be uploaded to dLazy.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Low
Confidence
95% confidence
Finding
The documentation claims the package install is pinned to version 1.0.9, but the actual metadata installs @dlazy/cli@latest. This creates a supply-chain integrity risk because agents or users may trust the documented fixed version while actually executing whatever code is published most recently, including unexpected breaking changes or a compromised release.

Vague Triggers

Medium
Confidence
79% confidence
Finding
The trigger keywords are broad and overlap with common user language such as '豆包', 'seedream', and generic image-generation phrases. Overbroad activation can cause the wrong skill to fire, leading to unintended network calls, accidental upload of local files referenced in prompts, or confusion about which tool is handling a request.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger keywords are broad enough to match ordinary image-generation requests such as 'generate image' or 'text to image', which can cause this skill to be invoked when the user did not specifically intend to use dLazy. Because the skill sends prompts and local file inputs to external dLazy-controlled endpoints, accidental activation can lead to unintended data disclosure to a third-party service and unexpected credentialed API usage.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal