
Security audit

Grs Image

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward GrsAI image-generation skill with normal API-key and network behavior, but users should treat submitted prompts and reference images as shared with GrsAI.

Install only in a trusted Python environment and keep GRSAAI_API_KEY private. Avoid submitting confidential prompts, personal images, internal URLs, or regulated data unless you accept that GrsAI will process them. Choose output filenames carefully, because the script can overwrite files accessible to the current user.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Taint Tracking: Direct Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Tainted flow: 'image_url' from requests.post (line 114, network input) → requests.get (network output)

Severity: Medium
Category: Data Flow
Content:
print(f"\n图片URL: {image_url}")

# Download the image (image_url comes straight from the API response)
img_resp = requests.get(image_url, timeout=60)
with open(output_path, "wb") as f:
    f.write(img_resp.content)
print(f"已保存: {output_path}")
Confidence: 91%
Finding: img_resp = requests.get(image_url, timeout=60)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 94%
Finding: The skill documentation demonstrates capabilities that use environment variables and outbound network access to an external API, but it does not declare corresponding permissions. This creates a transparency and governance gap: users or hosting platforms may not realize the skill transmits data off-system or depends on sensitive secrets, which can undermine informed consent and policy enforcement.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding: The usage instructions tell users to submit prompts and optionally reference-image URLs or Base64 image data to the tool, but they do not clearly warn that this content will be sent to a third-party GrsAI service. Prompts and reference images can contain sensitive business data, personal data, or confidential designs, so failing to disclose external transmission can lead to unintended data exposure.

VirusTotal

63/63 vendors flagged this skill as clean.
