Mulerouter

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed API wrapper for generating or editing media, but users should know that provided prompts, URLs, and local image files are sent to MuleRouter/MuleRun or the configured endpoint.

Install only if you are comfortable sending prompts, image URLs, and any local files you pass as image inputs to MuleRouter/MuleRun or your configured base URL. Use a dedicated API key, verify MULEROUTER_BASE_URL or MULEROUTER_SITE, and avoid providing sensitive media or non-image file paths.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 95%
Finding
The documentation instructs users to provide local file paths or remote image URLs that are then converted and sent to external multimodal APIs, but it does not clearly warn that local image contents and referenced remote media will leave the local environment. In an image/video generation skill, this is especially relevant because users may submit sensitive personal, proprietary, or regulated visual data without understanding the privacy implications.

Missing User Warnings

Medium
Confidence: 92%
Finding
The code automatically detects local paths in image-related parameters and reads those files into memory, converting them to base64 for onward transmission. In a skill whose purpose is to send media to external multimodal APIs, this creates a real exfiltration risk: a user can supply an arbitrary local path and cause local files to be uploaded without an explicit consent step, path restriction, or file-type/content validation.

Missing User Warnings

Medium
Confidence: 95%
Finding
The endpoint explicitly accepts an image as a remote URL or Base64 and is designed to send that input to an external vendor API, but the code provides no user-facing disclosure or guardrails about external fetching or third-party transmission. In a multimodal generation skill, this can cause users to unknowingly expose private images, signed URLs, or internal-only resources to the platform or vendor, making the privacy and data-handling risk real rather than theoretical.

VirusTotal

66/66 vendors flagged this skill as clean.
