raise-ai-media

Security checks across malware telemetry and agentic risk

Overview

The skill appears to do what it claims, but it asks users to share and persist an API key through chat, which needs careful review before installation.

Install only if you trust RaiseAI and this agent environment with your prompts, public media URLs, and API usage. Prefer configuring RAISE_AI_API_KEY through a protected local settings or secrets mechanism instead of pasting it into chat, use a dedicated low-privilege key if available, monitor credit usage, and rotate or revoke the key if it may have been exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

High
95% confidence
Finding
The trigger logic is intentionally expansive: it activates not only on explicit keywords but on nearly any request involving creating images, videos, scripts, or extracting content from media. This can cause the skill to intercept unrelated or higher-priority requests, leading to unintended external API use, data disclosure to a third party, or bypass of more appropriate domain-specific safeguards.

Missing User Warnings

High
99% confidence
Finding
The document explicitly instructs users to paste their RaiseAI API key into chat so the agent can configure itself. Collecting secrets through conversational channels increases the risk of credential exposure via logs, transcripts, prompt injection side effects, or unintended retention, and the warning shown only addresses public exposure generally, not the risk of sharing directly with the agent.

Missing User Warnings

Medium
93% confidence
Finding
The skill instructs users to submit publicly accessible image/video URLs to an external API and later poll for results, but it does not warn about privacy, data retention, or exposure of potentially sensitive media. In a media-generation and media-analysis skill, users are especially likely to provide personal or proprietary assets, so omission of disclosure and handling guidance creates a real data-leakage risk.

Ssd 3

High
99% confidence
Finding
Telling users to give their API key directly to the agent for automatic configuration and persistence encourages unsafe secret handling by design. In an agent environment, secrets shared in chat may be exposed to logging, memory, future prompts, support review, or other integrations, making credential theft or unintended reuse more likely.

Ssd 3

High
98% confidence
Finding
The repeated statement that users can configure the skill by telling the agent their API key normalizes secret submission via chat and persistence in agent-managed storage. Repetition makes the unsafe workflow more likely to be followed, increasing the chance of leaked credentials and downstream unauthorized API use.

VirusTotal

64/64 vendors flagged this skill as clean.
