Skywork Design

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Skywork image-generation skill with cloud/API-key privacy caveats but no artifact-backed evidence of hidden or malicious behavior.

Install only if you are comfortable sending prompts and selected images to Skywork’s cloud service. Use a dedicated Skywork API key if possible, avoid printing or screenshotting the key, avoid sensitive images unless Skywork is approved for that data, and manually verify any upgrade link before paying.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium (95% confidence)
Finding
The skill instructs the agent to return an OSS URL for generated images by default, but provides no warning that this URL may expose user-generated or edited content through an externally accessible location. If users edit sensitive images, this could unintentionally disclose private data to third parties or make content persist outside the local environment.

Missing User Warnings

Medium (96% confidence)
Finding
The guide explicitly tells users to run `echo "$SKYWORK_API_KEY"`, which reveals the full secret in cleartext on screen and may expose it to terminal recording, screenshots, shared sessions, or command logging environments. While `echo` itself does not usually add the value to shell history, the instruction normalizes unsafe secret-handling and can leak credentials in common operational contexts.

Vague Triggers

Medium (97% confidence)
Finding
The trigger list contains many broad, common terms such as "post," "story," "banner," and "thumbnail," which can match ordinary user requests outside the intended Skywork Design use case. This can cause unintended skill invocation, creating routing confusion and potentially sending unrelated prompts or user data into an image-generation workflow when another tool or no tool should have been selected.

VirusTotal

63/63 vendors flagged this skill as clean.
