GoAI Image Gen

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed GoAI image-generation skill whose network use, API key use, reference-image uploads, and saved/public outputs match its purpose.

Install only if you are comfortable sending prompts and any reference images to mustgoai.com or a configured GoAI endpoint, and receiving generated media URLs that may be externally accessible. Use a dedicated API key where possible and avoid uploading sensitive photos, documents, or proprietary artwork as references.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 94%
Finding:
The skill clearly uses sensitive capabilities: environment variables for API keys, local file reads for reference images, file writes for generated outputs, network access to a remote API, and shell execution via `uv run`. Leaving these undeclared creates a transparency and policy gap, making it easier for the skill to be invoked without users or the platform understanding its real access needs.

Vague Triggers

Severity: Medium
Confidence: 79%
Finding:
The trigger description is broad enough to match many common requests about making or editing images, increasing the chance the skill runs when the user did not intend to use this specific external service. In this context, accidental invocation matters because the skill can upload local images, consume paid API credits, and produce public URLs.

Missing User Warnings

Severity: High
Confidence: 97%
Finding:
The skill states that local image paths will be uploaded and remote URLs passed through, but the description does not prominently warn that user-supplied local files leave the device and are sent to a third-party service. This creates a real privacy and data-exfiltration risk, especially if users provide sensitive photos, documents, or proprietary artwork as references.

Missing User Warnings

Severity: High
Confidence: 96%
Finding:
The output contract requires always returning a public URL, which can expose generated content beyond the local environment and normalize sharing externally accessible links without user opt-in. If outputs contain sensitive, identifying, or proprietary content, forcing disclosure of a public URL increases unintended distribution and retention risk.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding:
The code automatically uploads any non-URL image input to a remote GoAI-controlled service via a signed upload URL, but this file contains no user-facing notice or consent mechanism before exfiltrating local file contents. In an agent skill context, users may provide local paths expecting local processing, so silent transmission of local files to a third party creates a real privacy and data-handling risk.

Missing User Warnings

Severity: Low
Confidence: 78%
Finding:
The function downloads remote media and writes it to an arbitrary output path on disk without any visible disclosure in this file that persistence will occur. While saving output is expected for an image-generation skill, silent writes can still surprise users, overwrite files, or leave sensitive/generated content on disk unintentionally.

VirusTotal

65/65 vendors flagged this skill as clean.
