ClawHub

ChatGPT Image Tailnet

Security checks across malware telemetry and agentic risk

Overview

This skill openly automates ChatGPT image generation through a specific remote tailnet browser and saves the resulting image locally, but users should only use it if they trust that remote browser setup.

Install only if you trust the remote Camoufox tailnet host and the ChatGPT session it controls. Prompts and generated images pass through that remote browser and ChatGPT, and generated images are saved locally, so avoid sensitive prompts unless that setup is acceptable and choose an output path you can manage or delete.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill instructs the agent to download generated images from the remote browser context and save them to a local output path, but this data movement is not surfaced as a user warning in the description. That omission can cause users to unknowingly allow remote-to-local file transfer and persistence of generated or potentially sensitive content on disk.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The helper sends user-controlled prompts and browser-automation commands over plain HTTP to a hardcoded tailnet host, with no transport security, host authentication, or in-code disclosure of what data leaves the local machine. In this skill’s context, prompts may contain sensitive user content and are also submitted onward to chatgpt.com via a remote browser session, so interception, misrouting, or unintended third-party exposure is materially more dangerous than a purely local image-generation workflow.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal