ClawHub
Back to skill

Security audit

qqbot-image-helper

Security checks across malware telemetry and agentic risk

Overview

This skill is an instruction-only helper for copying user-selected images into an image-readable folder, but users should be careful because it can duplicate private local images.

Install only if you want this exact workflow. Use it for specific images you supplied or explicitly want analyzed, avoid broad paths or whole directories, and delete copied files from ~/.openclaw/media afterward if the images are private or sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill directs users to copy images from a restricted directory into an allowed directory without clearly warning that this creates a second local copy of potentially sensitive user data. This increases data persistence and exposure risk, especially if the media directory is more broadly accessible, retained longer, or reused by other tools.

Ssd 4

High
Confidence
99% confidence
Finding
The skill explicitly instructs users to move content from a directory that the image tool intentionally cannot access into an allowed directory so the restriction can be bypassed. That undermines the security boundary enforced by tool path restrictions and can enable unauthorized analysis of files that were deliberately placed outside the allowed set.

Ssd 4

High
Confidence
99% confidence
Finding
The example workflow operationalizes the bypass by telling the user to inspect attachment paths, copy from restricted storage, and then analyze the copied file. This makes the security-boundary evasion concrete and repeatable, increasing the likelihood that users will routinely circumvent directory restrictions rather than use a sanctioned access path.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal