AI Image Generation

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed ShortAPI image-generation helper that uses a ShortAPI key and polling in ways that fit its purpose, with a few usability and documentation cautions.

Install only if you are comfortable giving the agent a ShortAPI API key and allowing it to create and poll image-generation jobs that may use your ShortAPI account quota. Provide callback URLs only yourself, and treat fetched model documents as schema references rather than general instructions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Severity: Medium (96% confidence)
Finding
The manifest advertises this skill as a discovery and parameter-fetching entry point, but the body directs the agent to perform full image-generation job submission and result polling. This scope mismatch can bypass user and platform expectations, causing the agent to take side-effecting actions and transmit user prompts or credentials to external services when the declared purpose suggested read-only discovery.

Context-Inappropriate Capability

Severity: Medium (95% confidence)
Finding
The skill instructs the agent to continue background polling and proactively message the user after completion, even though the stated purpose is model/schema discovery. Unsolicited background execution increases the risk of persistent external activity, surprise user contact, and unintended data disclosure beyond the immediate request lifecycle.

Intent-Code Divergence

Severity: Low (88% confidence)
Finding
The document claims endpoint isolation to api.shortapi.ai, but it also instructs agents to fetch schemas from shortapi.ai/api/skill. This inconsistency weakens trust boundaries and may cause reviewers or enforcement systems to underestimate the set of domains receiving requests.

VirusTotal

63/63 vendors flagged this skill as clean.