ClawHub

微信表情包制作工具

Security checks across malware telemetry and agentic risk

Overview

This is a local WeChat sticker image-processing tool with disclosed dependency risks but no evidence of hidden or unrelated behavior.

Install only if you are comfortable running a local Python image tool that creates a virtual environment, installs third-party packages, and overwrites generated files in the chosen output directory. For sensitive environments, pin and review dependency versions first, use trusted images, and avoid enabling background removal unless you accept rembg model/package behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The README describes triggering the skill through very general natural-language requests such as 'process your grid collage' without strong activation constraints, which can cause the agent to invoke this skill for loosely related image tasks. In an agent environment, broad trigger phrasing increases the chance of unintended tool execution, incorrect file handling, or surprising transformations on user images.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The example prompts are broad enough to overlap with ordinary image-help requests, especially requests like 'help me generate a draft from this image' or generic conversion requests. This can make the skill overmatch unrelated conversations and cause the agent to run sticker-generation workflows when the user did not specifically intend to invoke this capability.

Unpinned Dependencies

Low
Category
Supply Chain
Content
Pillow>=9.0.0
rembg>=2.0.0
onnxruntime>=1.14.0
Confidence
95% confidence
Finding
Pillow>=9.0.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
Pillow>=9.0.0
rembg>=2.0.0
onnxruntime>=1.14.0
Confidence
96% confidence
Finding
rembg>=2.0.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
Pillow>=9.0.0
rembg>=2.0.0
onnxruntime>=1.14.0
Confidence
93% confidence
Finding
onnxruntime>=1.14.0

Known Vulnerable Dependency: Pillow — 10 advisory(ies): CVE-2016-2533 (Pillow buffer overflow in ImagingPcdDecode); CVE-2023-50447 (Arbitrary Code Execution in Pillow); CVE-2021-27922 (Pillow Uncontrolled Resource Consumption) +7 more

Critical
Category
Supply Chain
Confidence
90% confidence
Finding
Pillow

Known Vulnerable Dependency: rembg — 6 advisory(ies): CVE-2026-40086 (Rembg has a Path Traversal via Custom Model Loading); GHSA-55v6-g8pm-pw4c (rembg server is vulnerable to Server-Side Request Forgery (SSRF) and a weak defa); CVE-2025-25302 (Rembg CORS misconfiguration) +3 more

High
Category
Supply Chain
Confidence
88% confidence
Finding
rembg

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal