小红书爆款封面生成大师 (Xiaohongshu Viral Cover Generation Master)

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-aligned, but it should be reviewed because it sends queries to a third-party API, embeds and accesses raw external image URLs, and disables HTTPS certificate verification.

Install only if you are comfortable with the skill sending your search keywords to a third-party trend API and loading remote XHS/CDN image URLs for analysis. Treat its reports as potentially redistributing public creator/profile and media links, and avoid using debug or output files in shared environments. The disabled TLS verification means the returned data could be intercepted or tampered with on the network, so this should be reviewed before normal use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium (90% confidence)
Finding
The workflow instructs the agent to directly fetch external cover URLs and republish real image URLs, but it provides no warning, consent step, or controls around third-party access. This can leak user/IP metadata to external hosts, trigger unintended requests to untrusted infrastructure, and redistribute third-party resource URLs in output without review.

Missing User Warnings

Medium (85% confidence)
Finding
The document explicitly instructs exposing full author identifiers, profile links, avatar URLs, and image URLs, but provides no data-minimization, consent, retention, or redistribution guidance. Even if this data is scraped from a public platform, aggregating and republishing it in a tool increases privacy, compliance, and misuse risk by making profiling and mass collection easier.

Missing User Warnings

Medium (93% confidence)
Finding
The documented debug mode prints raw API responses without any warning or scoping, which can disclose more data than the normalized output, including undocumented fields, tokens, internal metadata, or unexpectedly sensitive content. In agent or shared-log environments, debug output is especially risky because logs may be persisted, forwarded, or exposed to operators beyond the original user.

VirusTotal

65/65 vendors flagged this skill as clean.
