Agnes画影

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Agnes AI image/video generation helper; its main risks are expected API-key setup and sending prompts to an external service.

Install only if you are comfortable sending generation prompts to Agnes AI under your own API key. Avoid placing secrets or personal data in prompts, and be aware that the suggested shell-profile setup stores AGNES_API_KEY persistently until you remove it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 88%
Finding
The skill requests Bash and includes shell-based OS/shell detection plus profile modification instructions even though its primary function is media generation via an API. This expands the attack surface by enabling command execution and persistent environment changes that are not strictly necessary for the core task.

Vague Triggers

Medium
Confidence: 76%
Finding
The trigger list contains broad phrases like '生成图片' and '生成视频' that may match ordinary requests and cause the skill to activate unexpectedly. Over-broad activation increases the chance that sensitive contexts or unrelated conversations are routed into a skill that can ask for secrets and invoke external services.

Missing User Warnings

Medium
Confidence: 95%
Finding
The document provides ready-to-run curl examples that send prompts and an API key to a third-party endpoint, but it does not warn users that their prompts, media-generation requests, and associated metadata will be transmitted externally. This is a real security/privacy concern because users may unknowingly submit sensitive data to an external service under their own credentials.

VirusTotal

64/64 vendors flagged this skill as clean.
