ClawHub

skill-image-compress

Security checks across malware telemetry and agentic risk

Overview

This image compression skill performs the expected local image processing setup and file output, with no evidence of hidden data access, exfiltration, deletion, or background persistence.

Install only if you are comfortable with a Node-based skill running npm install for sharp/commander and writing compressed copies under the configured output folder. Use recursive mode only on folders you intentionally choose, and treat the large-file confirmation text as a warning because the code does not actually wait for user input before continuing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill documents shell-capable operations such as running Node scripts, invoking npm install, and changing file permissions, but it does not declare permissions for those actions. Hidden or undeclared execution capability weakens user consent and platform enforcement, because a seemingly simple image tool can execute system commands and modify the local environment.

Tp4

High
Category
MCP Tool Poisoning
Confidence
96% confidence
Finding
The declared purpose is limited to image compression and format conversion, but the documented behavior also installs dependencies, probes the host environment, creates directories, and reads/writes configuration under the user's home directory. This mismatch is security-relevant because users may authorize a low-risk media task without realizing the skill will perform broader system changes and persistent local-state modification.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal