TencentCloud YT Segment Portrait

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says: it sends a user-selected portrait image to Tencent Cloud for segmentation, with privacy and dependency-installation cautions.

Install only if you are comfortable sending selected portrait images or image URLs to Tencent Cloud and using Tencent Cloud API credentials that may incur charges. Prefer least-privilege Tencent credentials, avoid saving long-lived keys in shared shell profiles, and consider preinstalling a pinned Tencent Cloud SDK in a virtual environment before use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
import subprocess
import sys

# Import the SDK if present; otherwise install it at runtime with pip.
# The runtime pip invocation below is the subprocess call flagged by the scanner.
try:
    import tencentcloud  # noqa: F401
except ImportError:
    print("[INFO] tencentcloud-sdk-python not found. Installing...", file=sys.stderr)
    subprocess.check_call(
        [sys.executable, "-m", "pip", "install", "tencentcloud-sdk-python", "-q"],
        stdout=sys.stderr,
        stderr=sys.stderr,
    )
Confidence
95% confidence
Finding
subprocess.check_call( [sys.executable, "-m", "pip", "install", "tencentcloud-sdk-python", "-q"], stdout=sys.stderr, stderr=sys.stderr, )

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill instructs the agent to execute a local Python script and read cloud credentials from environment variables, which are meaningful code capabilities, yet no corresponding permissions are declared. This creates a trust and policy gap: a host may permit the skill under the assumption it is documentation-only, while it can actually invoke shell commands and access sensitive secrets needed for outbound API calls.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documentation allows callers to submit either raw images or image URLs to a Tencent Cloud endpoint but does not clearly warn users that this data is transmitted to and processed by a remote third-party service. For portrait images, this can involve sensitive biometric or personal data, so missing disclosure can lead to privacy, compliance, and consent failures even if the API behavior is technically expected.

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The code uploads user-provided image content or URLs to Tencent Cloud for processing without an explicit disclosure, consent step, or prominent notice at the point of transmission. For portrait segmentation, this can involve biometric-adjacent or sensitive personal imagery, so silent exfiltration to a third-party cloud service creates privacy, compliance, and data-handling risk, especially in agent environments where users may assume local processing.

VirusTotal

65/65 vendors flagged this skill as clean.
