Trading Card Generator

Security checks across malware telemetry and agentic risk

Overview

This skill is a simple image-generation helper that sends the user's prompt and Neta token to the disclosed Neta/TalesOfAI API and prints the generated image URL.

Reasonable to install if you are comfortable sending prompts, optional reference IDs, and your Neta API token to api.talesofai.com. Avoid sensitive prompts, and prefer a private shell or safer secret handling because the --token argument may appear in shell history, logs, or process listings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill invokes an external API and explicitly requires a user-supplied Neta token, which indicates network access is part of its operation, yet no corresponding permission is declared. This creates a transparency and policy-enforcement gap: users or hosting systems may not realize the skill can transmit prompts, metadata, and credentials to a remote service.

Description-Behavior Mismatch

Medium
Confidence
98% confidence
Finding
The skill metadata claims to use the Neta AI API, but the implementation actually sends prompts and credentials to talesofai.com. This mismatch is security-relevant because users may consent to sharing data with one provider while the code silently transmits it to another, defeating informed trust boundaries and creating a deceptive exfiltration path for prompts, reference IDs, and API tokens.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The README explicitly instructs users to supply the API token via a command-line flag, which can expose the credential through shell history, process listings, CI logs, and telemetry. Because this skill requires a live third-party API token, the guidance increases the chance of accidental credential disclosure during normal use.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
Accepting the API token via a command-line flag exposes it to shell history, process listings, terminal logging, and agent telemetry in many environments. In this skill, the risk is amplified because the token is then immediately sent to a third-party service, so accidental credential disclosure could enable unauthorized API use and billing abuse.

VirusTotal

63/63 vendors flagged this skill as clean.