AI Image Generation

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward OpenAI image-generation skill; it needs an API key and may upload selected local images to OpenAI, but the behavior matches its stated purpose.

Install only if you are comfortable configuring an OpenAI API key and sending image prompts, plus any image files you choose for editing or variation, to OpenAI. Keep the API key in a secure environment variable or secret manager, expect possible API charges, and avoid passing private or sensitive files unless you intend to upload them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 89%
Finding
The skill declares required environment variables and clearly relies on outbound API access, but it does not declare corresponding permissions for env and network use. This creates a transparency and policy-enforcement gap: a host may underestimate the skill's access needs, making review, sandboxing, and user consent weaker than intended. In this context, network and secret access are expected for an image-generation skill, so the issue is not inherently malicious, but undeclared capabilities still increase risk because the skill handles an API key and can send prompts or data externally.

Missing User Warnings

Medium
Confidence: 94%
Finding
The image-edit function reads a local file path and uploads the file contents to a remote API without any disclosure, path restrictions, or user-consent guardrails. In an agent setting, this can lead to unintended exfiltration of local sensitive files if an attacker can influence the image_path argument or trick the agent into sending non-image files.

Missing User Warnings

Medium
Confidence: 94%
Finding
The variation function similarly opens a local path and transmits the file to a remote API with no warning or boundary checks. In a tool-execution environment, this increases the risk of accidental or induced exfiltration of local data, especially because the tool accepts arbitrary paths and does not verify that the target is a legitimate image in a safe location.
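The two findings above describe the same gap in the edit and variation functions: an arbitrary image_path is opened and its bytes are sent off-host with no boundary check. The following is an added example of the guard a maintainer would put in front of such an upload; it is not the skill's own code and not from SkillSpector. It assumes an allow-listed image directory chosen by the host, a 4 MB size cap (MAX_UPLOAD_BYTES), and that only PNG, JPEG and WebP are legitimate inputs; the file names in run_demo are constructed for the demonstration.

```python
"""Added example (not the skill's code): guard image_path before any upload.

The edit and variation functions accept an arbitrary local path and ship its
bytes to a remote API. This wrapper enforces the boundaries the findings say
are missing: the path must resolve inside an allow-listed directory, must be a
regular file under a size cap, and must start with a real image signature.
Names (validate_upload_path, MAX_UPLOAD_BYTES) and the 4 MB cap are assumptions.
"""
from pathlib import Path
from typing import Dict, Optional
import tempfile

MAX_UPLOAD_BYTES = 4 * 1024 * 1024  # assumed cap; tune to the API's documented limit

# Leading bytes of the formats an image endpoint plausibly accepts.
_MAGIC = {
    b"\x89PNG\r\n\x1a\n": "png",
    b"\xff\xd8\xff": "jpeg",
}


def sniff_image_type(head: bytes) -> Optional[str]:
    """Identify PNG/JPEG/WebP from the first bytes; anything else is None."""
    for magic, kind in _MAGIC.items():
        if head.startswith(magic):
            return kind
    if head[:4] == b"RIFF" and head[8:12] == b"WEBP":
        return "webp"
    return None


def validate_upload_path(image_path: str, allowed_root: Path,
                         max_bytes: int = MAX_UPLOAD_BYTES) -> Path:
    """Return the resolved path if it is safe to upload, else raise ValueError.

    Checks run in an order that leaks nothing about files outside the root:
    containment first, then file type and size, then the content signature.
    """
    root = allowed_root.resolve()
    candidate = Path(image_path)
    if not candidate.is_absolute():
        candidate = root / candidate
    # resolve() follows symlinks and collapses '..', so a link inside the root
    # that points at /etc/passwd ends up outside it and is rejected here.
    resolved = candidate.resolve()
    if root not in resolved.parents:
        raise ValueError("path escapes the allowed image directory")
    if not resolved.is_file():
        raise ValueError("not a regular file")
    if resolved.stat().st_size > max_bytes:
        raise ValueError("file exceeds the upload size cap")
    with open(resolved, "rb") as fh:
        head = fh.read(16)
    if sniff_image_type(head) is None:
        raise ValueError("content is not a PNG, JPEG or WebP image")
    return resolved


def run_demo() -> Dict[str, str]:
    """Exercise the guard on constructed files: a PNG, a key file renamed .png,
    a traversal path that points outside the root, and a missing file."""
    results: Dict[str, str] = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "images"
        root.mkdir()
        (root / "ok.png").write_bytes(b"\x89PNG\r\n\x1a\n" + b"\x00" * 24)
        (root / "fake.png").write_bytes(b"-----BEGIN OPENSSH PRIVATE KEY-----\n")
        (Path(tmp) / "secret.txt").write_bytes(b"token=constructed")  # outside the root
        cases = {
            "valid_png": "ok.png",
            "key_renamed_png": "fake.png",
            "traversal": "../secret.txt",
            "missing": "nope.png",
        }
        for name, rel in cases.items():
            try:
                validate_upload_path(rel, root)
                results[name] = "accepted"
            except ValueError as exc:
                results[name] = f"rejected: {exc}"
    return results


if __name__ == "__main__":
    for name, outcome in run_demo().items():
        print(f"{name:16} {outcome}")
```

The containment check comes first on purpose: reporting "not a regular file" or "not an image" for a path outside the root would let an agent-driven caller probe which files exist elsewhere on the host. Extension checks are deliberately absent; a renamed private key passes an extension filter and fails the signature check.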

Missing User Warnings

Medium
Confidence: 82%
Finding
The file instructs users to set an OPENAI_API_KEY but provides no warning about secure credential handling, increasing the risk that users expose the key in prompts, logs, screenshots, or checked-in config files. In a skill ecosystem, vague setup instructions can lead to accidental secret disclosure and unauthorized API usage if users mishandle credentials.
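The finding above is about missing guidance, so the added example below shows the handling a user or maintainer would add around OPENAI_API_KEY: read it from the environment only, fail loudly when it is absent, keep it in a wrapper that never prints its value, and scrub log or error text before it is written or shown. This is not the skill's code and not from SkillSpector. It assumes keys are opaque strings of at least 20 characters and that they commonly start with "sk-" (the regular expression is an assumption, not a documented format); the key value in the demo is constructed.

```python
"""Added example (not the skill's code): handle OPENAI_API_KEY so it cannot leak.

The setup text says to set OPENAI_API_KEY and nothing more. The pieces below
are what a practitioner would add: load the key from the environment only,
fail loudly when it is missing, wrap it so repr/str/logging never show it,
and scrub log and error text before it is written or shown.
Assumptions: keys are opaque strings of at least 20 characters, commonly
prefixed "sk-" (the pattern in _KEY_PATTERN is an assumption, not a spec).
"""
import re
from typing import Iterable, Mapping

_KEY_PATTERN = re.compile(r"sk-[A-Za-z0-9_\-]{20,}")  # assumed key shape


class Secret:
    """Holds a credential; only reveal() returns it, everything else is masked."""

    def __init__(self, value: str) -> None:
        self._value = value

    def reveal(self) -> str:
        return self._value

    def __repr__(self) -> str:
        return "Secret(****)"

    __str__ = __repr__


def load_api_key(env: Mapping[str, str]) -> Secret:
    """Read OPENAI_API_KEY from the given environment mapping (os.environ in practice)."""
    raw = env.get("OPENAI_API_KEY", "").strip()
    if not raw:
        raise RuntimeError(
            "OPENAI_API_KEY is not set. Export it in your shell or inject it from a "
            "secret manager; do not paste it into a prompt or a committed config file."
        )
    if len(raw) < 20 or any(c.isspace() for c in raw):
        raise RuntimeError("OPENAI_API_KEY does not look like an API key")
    return Secret(raw)


def redact(text: str, secrets: Iterable[Secret]) -> str:
    """Remove every known secret value, then anything matching the assumed key shape."""
    for secret in secrets:
        value = secret.reveal()
        if value:
            text = text.replace(value, "[REDACTED]")
    return _KEY_PATTERN.sub("[REDACTED]", text)


def reject_if_prompt_contains_key(prompt: str, key: Secret) -> str:
    """Refuse to send a prompt that embeds the credential (a common accidental leak)."""
    if key.reveal() in prompt or _KEY_PATTERN.search(prompt):
        raise ValueError("prompt appears to contain an API key; refusing to send it")
    return prompt


if __name__ == "__main__":
    # Constructed environment for the demonstration; not a real key.
    demo_env = {"OPENAI_API_KEY": "sk-constructed-0123456789abcdefghij"}
    key = load_api_key(demo_env)
    print("loaded:", key)  # Secret(****), never the value
    print(redact("401 from api.openai.com with Bearer sk-constructed-0123456789abcdefghij", [key]))
```

Routing every log line and exception message through redact() before it reaches a file, a terminal, or an agent transcript is what closes the "logs, screenshots" part of the finding; the wrapper class closes the "accidental repr in a traceback" part.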

VirusTotal

65/65 vendors reported this skill as clean (0 detections).