pixelhub-api-tools

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a real Pixelle/Pixelhub media API helper, but its setup tells users to expose and store an API key in unsafe ways.

Review before installing. The API calls themselves match the skill's purpose, but do not paste your API key into chat or hardcode it in the runner. Prefer using the Pixelhub_API_KEY environment variable or a secret manager, confirm costs before running generation jobs, and rotate the key if it has already been shared or stored in files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Severity: High. Confidence: 98%.
The skill instructs the user to paste an API key directly into chat with no warning that the credential is sensitive. Secrets entered into chat may be retained in logs, transcripts, or tool context and can be exposed to unauthorized parties or later prompts, leading to account compromise and abuse of the user's API quota or billing.

Missing User Warnings

Severity: Medium. Confidence: 94%.
Accepting the API key via a command-line argument can expose credentials through shell history, process listings, job-control tools, or audit logs on multi-user systems. In an agent/automation context, this increases the chance that long-lived secrets are unintentionally disclosed to other local users or captured in telemetry.

Ssd 3

Severity: High. Confidence: 99%.
The setup flow combines two unsafe practices: collecting the API key via chat and then persisting it by replacing a value in a local runner file. This increases exposure by placing the secret both in conversation history and in source or working files, where it may be leaked through backups, version control, file sharing, or subsequent tool execution.

VirusTotal

65/65 vendors flagged this skill as clean.
