
Security audit

SmartKV Image Generator

Security checks across malware telemetry and agentic risk

Overview

This plugin does what it says, but it sends prompts and an API key to a default plaintext HTTP backend at a raw IP address, which users should review before installing.

Install only if you trust the SmartKV backend and understand that your prompt text and SmartKV API key may be sent to the configured server. Prefer configuring an HTTPS endpoint you control or trust, rotate the key if it was used over HTTP, and avoid sending sensitive prompts through this plugin.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence: 88%
Finding
The README instructs users to configure a remote backend at an explicit HTTP URL and states that the plugin sends an `x-api-key` to that service, but it provides no warning about credential exposure or transport security. Because the documented `baseUrl` uses plaintext HTTP rather than HTTPS, the API key could be intercepted in transit or sent to an unexpected host, making this more than a documentation-only issue in context.

Missing User Warnings

Medium
Confidence: 89%
Finding
The plugin sends the user's prompt and the configured API key to a remote SmartKV backend without any explicit disclosure, consent prompt, or trust signal to the user. This is particularly concerning because the default endpoint is a hard-coded raw IP address over plain HTTP, so both sensitive request content and the x-api-key can be exposed to interception or sent to an untrusted service.

Vague Triggers

Medium
Confidence: 87%
Finding
The manifest enables the plugin on application startup with no visible trigger constraints, causing code in the entrypoint to run automatically whenever the host starts. In a plugin that accepts an API key and communicates with a configurable remote base URL, this increases exposure by allowing network activity or secret handling to occur without an explicit user action.

VirusTotal

64/64 vendors flagged this plugin as clean.
