Recraft AI

Security checks across malware telemetry and agentic risk

Overview

The skill matches its Recraft image-generation purpose and shows no hidden execution, exfiltration, persistence, or destructive behavior.

Install only if you are comfortable providing a Recraft API token and sending selected prompts and images to Recraft for processing. Avoid sensitive, proprietary, or regulated images unless that use is permitted, choose output paths deliberately, and run user-info only when you want your account details printed in the local command output.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (7)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 95%
Finding
The skill advertises capabilities that require access to environment variables, outbound network calls, and writing files, but it does not declare permissions explicitly. This weakens security review and consent because a user or host may not realize the skill can access the API token, contact an external service, and save outputs locally.

Tp4

High
Category: MCP Tool Poisoning
Confidence: 91%
Finding
The documented purpose focuses on image generation and transformation, but the skill also exposes a user-info command that retrieves account metadata such as ID, name, email, and credits. That is a real behavior expansion beyond the stated purpose and can lead to unexpected disclosure of personal or account information to the agent or user without clear prior notice.

Description-Behavior Mismatch

Medium
Confidence: 89%
Finding
The skill includes a `user-info` command that retrieves and prints account profile data, which expands functionality beyond image generation/editing. This creates an unnecessary data-access surface because users may invoke or expose account information not needed for the stated image-processing purpose.

Description-Behavior Mismatch

Low
Confidence: 84%
Finding
The parser/module description emphasizes image generation and transformation but does not clearly disclose that the tool can also fetch account information. This mismatch can mislead users about the scope of data the skill can access and makes security review and informed consent harder.

Context-Inappropriate Capability

Medium
Confidence: 82%
Finding
Fetching account profile data is not required to perform image generation or editing, so it violates least-privilege expectations for the skill's declared purpose. Even if limited to the authenticated user's profile, unnecessary data access increases privacy risk and broadens the blast radius of misuse.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill documentation does not clearly warn that prompts and input images are transmitted to the external Recraft API for processing. Users may provide sensitive text or images under the false assumption that processing is local, creating privacy and data-handling risk when personal, proprietary, or regulated content is uploaded.

Missing User Warnings

Medium
Confidence: 91%
Finding
Multiple commands upload local image files to an external API, but the script does not prominently warn users that local file contents are transmitted off-device. In an agent/skill context, this can lead to inadvertent disclosure of sensitive images or embedded metadata to a third party.

VirusTotal

64/64 vendors flagged this skill as clean.