Image Gen Low Cost

Security checks across malware telemetry and agentic risk

Overview

This is a coherent image-generation tool, but it can unintentionally send an existing OpenAI API key to a third-party default endpoint.

Install only if you are comfortable sending prompts and image URLs to the configured API provider. Set IMGEN_TOKEN explicitly, verify IMGEN_API_URL before use, and avoid running it in an environment where OPENAI_API_KEY is set unless you intend that key to be used by this tool.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The README instructs users to register with a third-party service, configure an API token, and optionally point the tool at arbitrary API endpoints, but it does not warn that prompts, images, and possibly metadata will be transmitted to external services. In an image-generation skill, this matters because users may submit sensitive text prompts or private images for editing without understanding where that data goes.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger phrases are very broad generic terms like '生成图片', '画图', and '图片编辑', which are likely to match many ordinary user requests. This can cause unintended invocation of the skill, leading users to route prompts, image URLs, and possibly tokens or other data into an external image-generation workflow without clear intent.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The edit flow sends the user-provided image URL and prompt to a third-party API, but the CLI does not clearly warn users that their content will be transmitted off-host. This can expose private image URLs, sensitive prompt contents, or internal resource locations to an external service, especially in agent contexts where users may not realize the backend is not local.

External Transmission

Medium
Category
Data Exfiltration
Content
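### 1. Get an API Token

Visit [https://api.laozhang.ai/register/?aff_code=lfa0](https://api.laozhang.ai/register/?aff_code=lfa0) to register, then get a token from the console. New registrations automatically receive $0.5 of development and testing credit.

### 2. Configure the Token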
Confidence
94% confidence
Finding
https://api.laozhang.ai/

External Transmission

Medium
Category
Data Exfiltration
Content
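### 1. Get an API Token

Visit [https://api.laozhang.ai/register/?aff_code=lfa0](https://api.laozhang.ai/register/?aff_code=lfa0) to register, then get a token from the console. New registrations automatically receive $0.5 of development and testing credit.

### 2. Configure the Token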
Confidence
94% confidence
Finding
https://api.laozhang.ai/

External Transmission

Medium
Category
Data Exfiltration
Content
## API Endpoint

Uses the Laozhang API (`https://api.laozhang.ai/v1/chat/completions`) by default.

```bash
# Switch to another OpenAI-compatible endpoint
```
Confidence
96% confidence
Finding
https://api.laozhang.ai/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# Switch to another OpenAI-compatible endpoint
export IMGEN_API_URL=https://api.openai.com/v1/chat/completions

# Use another compatible service
export IMGEN_API_URL=https://your-api-endpoint.com/v1/chat/completions
```
Confidence
83% confidence
Finding
https://api.openai.com/

VirusTotal

65/65 vendors flagged this skill as clean.
