Cn Qrcode Generator

Security checks across malware telemetry and agentic risk

Overview

This QR-code skill does what it says, but users should know QR contents are sent to qrserver.com rather than generated locally.

Install only if you are comfortable sending the QR text or URL to qrserver.com. Do not use it for secrets, private internal links, password-reset URLs, tokens, or sensitive personal data; use a local QR generator for those cases.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Description-Behavior Mismatch

Medium
Confidence
97% confidence
Finding
This skill is presented as a QR generator, but it sends the user-provided content to a third-party service (`api.qrserver.com`) for rendering. That creates a privacy and data-handling risk because URLs, tokens, internal hostnames, or other sensitive text embedded in the QR content are disclosed off-device without explicit warning or consent.

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The tool is presented as a QR code generator, but it sends the full user-supplied text to a third-party service for processing. That creates a privacy and data-handling risk because users may reasonably expect local generation and may input sensitive URLs, tokens, contact details, or internal data without realizing it is transmitted externally.

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
Forwarding arbitrary user text to an external QR code API is not inherently necessary for a generic QR generation skill and expands the trust boundary to an unaffiliated service. Sensitive content entered by users can be exposed to the provider, intermediary infrastructure, or service logs, even though TLS is enabled.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill states that user-provided URL or text is sent to qrserver.com to generate a QR code, but it does not warn users that their input leaves the local environment. If users provide sensitive links, tokens, internal URLs, or private text, that data may be disclosed to a third-party service without informed consent.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The code transmits arbitrary user text to an external QR API without any user-facing disclosure, confirmation, or sensitivity checks. In agent contexts, users may provide credentials, internal URLs, reset links, or other confidential strings expecting local processing, so silent exfiltration to a third party is materially risky.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The code and description do not provide a clear warning that user-provided text will be transmitted to api.qrserver.com. This lack of disclosure can mislead users into submitting confidential material under the assumption that the tool operates locally.

VirusTotal

65/65 vendors flagged this skill as clean.
