ClawHub

Vaporwave Art Generator

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says: it sends a user prompt and Neta token to an external image-generation API and prints the resulting image URL.

Install only if you are comfortable using a third-party image-generation API. Do not include secrets, sensitive personal data, or proprietary concepts in prompts or reference image IDs, and prefer avoiding raw tokens in command history when possible.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill documentation instructs users to run a script that uses an external Neta API token, which implies outbound network access, yet the skill does not declare corresponding permissions. Undeclared network capability reduces transparency and weakens trust boundaries because users and platforms may not realize the skill can transmit prompts and tokens to a third-party service.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README instructs users to submit free-form prompts and optional reference image UUIDs to an external image-generation service, but it does not clearly disclose the privacy and data-sharing implications. Users may unknowingly send sensitive prompts, proprietary creative concepts, or reference identifiers to a third party, increasing the risk of unintended data exposure or compliance issues.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script accepts a user-supplied API token and automatically sends it in the x-token header to a third-party endpoint, but only tells the user a token is required; it does not clearly disclose where that token will be transmitted or that prompts/reference IDs are also sent off-host. In an agent skill context, this is a real transparency and secret-handling issue because users may provide credentials without understanding they are being disclosed to an external service under a different brand/domain than the skill metadata suggests.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal