Laozhangapi Image

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward third-party image generation/editing helper, with expected network, token, and file-saving behavior but a few usage cautions.

Install only if you trust laozhang.ai with the prompts, image URLs, and API token used for generation or editing. Prefer the ~/.laozhang_api_token setup over passing tokens on the command line, use --no-save when you do not want local image files written, and treat broad trigger phrases as a reason to confirm before making billable API calls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 95%
Finding: The skill documents capabilities that read a local token file, write output files, and make outbound network requests, but it does not declare any permissions. This creates a transparency and policy-enforcement gap: users and the platform may not realize the skill can access local files and transmit data externally, increasing the chance of unintended secret exposure or unauthorized file operations.

Context-Inappropriate Capability

Medium
Confidence: 93%
Finding: The script blindly downloads and writes any URL returned by the upstream API without validating the host, content type, size, or redirect chain. That creates a general remote-download primitive beyond the stated image-generation purpose and can be abused if the API is compromised or manipulated to return arbitrary resources, potentially causing storage abuse, unexpected network access, or saving non-image content as a local file.

Vague Triggers

Medium
Confidence: 82%
Finding: The trigger list includes broad everyday phrases such as '生成图片', '画图', and '图片编辑', which can cause the skill to activate unintentionally during normal conversation. Accidental invocation can lead to unexpected network calls, token use, charges, or file writes, especially because this skill performs billable API operations.

Missing User Warnings

Medium
Confidence: 97%
Finding: The example shows passing an API token directly on the command line (`--token sk-xxx`), which can expose credentials through shell history, process listings, audit logs, or screenshots. Because this is user-facing documentation, it normalizes an unsafe practice and increases the chance that real secrets will be handled insecurely.

VirusTotal

66/66 vendors flagged this skill as clean.