Gemini Painter

Security checks across malware telemetry and agentic risk

Overview

This is a coherent image-generation skill that sends prompts to a disclosed local service and saves generated images locally, with privacy notes but no artifact-backed malicious behavior.

Install only if you intend to use a trusted Gemini-compatible service on 127.0.0.1:8317. Do not include secrets or sensitive confidential details in prompts, and expect generated images to be saved locally in the OpenClaw archive path.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 90% confidence
Finding: The skill advertises network access to a local HTTP service and likely relies on environment/configuration, but the manifest declares no permissions. This creates a transparency and governance gap: users and policy systems cannot accurately assess or constrain what the skill can access, which can lead to unintended outbound requests or misuse of sensitive configuration at runtime.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill states that generated images are automatically archived and that prompts are recorded, but it does not warn users that their inputs and outputs will be stored persistently. Prompts can contain sensitive personal, proprietary, or confidential content, so silent retention increases privacy, compliance, and data exposure risk if archives are later accessed, synced, or leaked.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal