图片姬

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only image prompt helper with visible scope quirks but no evidence of hidden, destructive, credential-seeking, or persistent behavior.

Install it if you want a Chinese-oriented image prompt generator. If you need strictly general-purpose or English-first behavior, review the helper files first and, before using the skill, explicitly state your desired output language and style and whether it should write files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium (95% confidence)

Finding: The file content materially diverges from the advertised skill metadata: instead of a general-purpose image prompt generator, it hard-locks the agent into a narrow 'high school computer science visualization expert' role. This can mislead users and downstream orchestrators, causing prompts to be transformed under unintended domain constraints and producing outputs that do not match the declared capability or safety review scope.

Vague Triggers

Medium (90% confidence)

Finding: The trigger field lists broad, generic phrases such as 图像prompt生成, 插图创作, 风格定制, and 视觉设计, which can cause the skill to activate in many loosely related contexts. Over-broad activation increases the chance the agent invokes this skill when the user did not explicitly request structured prompt generation, leading to unintended handling of user input and workflow hijacking of adjacent tasks.

Natural-Language Policy Violations

Medium (82% confidence)

Finding: Defaulting output language to Chinese without user opt-in can produce results in an unexpected language, especially in multilingual environments or downstream toolchains expecting English prompts. This can degrade reliability, confuse users, and cause prompt incompatibility or accidental policy bypass assumptions when language choice matters for later processing.

Natural-Language Policy Violations

Medium (91% confidence)

Finding: The examples repeatedly instruct the model to produce Chinese-language output and Chinese-labeled layouts regardless of user preference, which can override or bias downstream agent behavior without explicit user opt-in. In a prompt-generation skill, such embedded language-control directives are dangerous because they can silently steer outputs away from the user's requested language, reducing reliability and enabling prompt-level policy interference.

Natural-Language Policy Violations

Medium (90% confidence)

Finding: The skill mandates Chinese output by default unless a specific exception applies, which overrides user language preference without opt-in. While not directly enabling code execution or data exfiltration, this is a prompt-scope control issue that can degrade usability, break integrations expecting another language, and make the skill behave unpredictably in multilingual contexts.

VirusTotal

63/63 vendors flagged this skill as clean.