wan-image-gen

Security checks across malware telemetry and agentic risk

Overview

This skill mostly does what it says, but it includes unsafe credential handling and pushes generated images to public hosting with limited user-control guidance.

Review before installing. Do not use the embedded example key; use only your own DashScope key and avoid pasting secrets into logs or shared chats. Treat prompts as sent to Alibaba DashScope, and assume uploaded images on catbox.moe are public or externally retained. Use this only for images you are comfortable saving locally and hosting publicly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger description is broad enough to activate on many generic image requests while automatically invoking a workflow that both creates a local file and publishes it to a third-party hosting service. Over-broad routing increases the chance that users are funneled into an action with privacy and data-handling consequences they did not explicitly request.

Missing User Warnings

High
Confidence
97% confidence
Finding
The description omits a clear warning that generated images will be uploaded to catbox.moe, a public third-party hosting provider, making the resulting image accessible via a public URL. Users may provide sensitive prompts or request images containing private material without realizing the output will be publicly disclosed.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The workflow writes a file directly to the user's Desktop without prior confirmation or warning, causing unexpected local file creation. This can violate user expectations, create clutter, and potentially expose generated content to other local users or backup/sync systems.

External Transmission

Medium
Category
Data Exfiltration
Content
Call the DashScope synchronous API to generate the image:

```bash
curl --location 'https://dashscope-intl.aliyuncs.com/api/v1/services/aigc/multimodal-generation/generation' \
  --header 'Content-Type: application/json' \
  --header 'Authorization: Bearer $DASHSCOPE_API_KEY' \
  --data '{
```
Confidence
95% confidence

VirusTotal

64/64 vendors flagged this skill as clean.
