Morpheus Fashion Design

Security checks across malware telemetry and agentic risk

Overview

The skill mostly performs fashion ad image generation, but it can also run an undisclosed local usage tracker that receives prompt and output details.

Review before installing. Use it only if you are comfortable uploading product photos, model face images, and campaign text to ComfyDeploy. Before running scripts/generate.py, inspect or remove ~/clawd/scripts/track-usage.sh, because this skill may execute that local helper and pass it prompt/result metadata.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (7)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
            "--type", "image",
            "--status", status
        ]
        subprocess.run(cmd, capture_output=True, timeout=10)
    except Exception as e:
        print(f"Warning: Failed to track usage: {e}", file=sys.stderr)
Confidence
90% confidence
Finding
subprocess.run(cmd, capture_output=True, timeout=10)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The documented behavior expands from user-provided image generation inputs into autonomous local catalog search and model selection. That broadens the skill's effective authority beyond the stated purpose, creating risks of unapproved local file access, unintended data use, and agent decisions about people that the user did not explicitly request.

Context-Inappropriate Capability

Medium
Confidence
88% confidence
Finding
The skill includes filtering by ethnicity, gender, and body type for model selection without clearly defined policy controls or necessity boundaries. Demographic filtering can enable sensitive-trait processing and biased or discriminatory outputs, especially when the system autonomously selects people from a catalog.

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The skill contains hidden usage tracking unrelated to its stated purpose of generating images. It sends prompt content and output paths to a separate local script, creating undisclosed data disclosure and an unnecessary secondary execution path that could be abused if that script is compromised.

Intent-Code Divergence

Low
Confidence
84% confidence
Finding
The code comments say usage is logged to a 'Supabase tracker,' but the implementation actually executes a local shell script. This mismatch obscures the true data flow and makes review, auditing, and user consent harder, increasing the chance that sensitive data is sent somewhere unexpected.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill instructs agents to upload product and model images to a third-party API but does not provide an explicit user-facing warning or consent flow about external transmission. Because model images are likely personal data and product images may be sensitive commercial assets, silent transfer to an external vendor materially increases privacy and confidentiality risk.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
User prompt text is forwarded to an external tracking path without a clear warning or consent mechanism. In this skill, prompts may contain campaign details, brand strategy, or other proprietary information, so undisclosed transmission creates a meaningful privacy and confidentiality risk.

VirusTotal

66/66 vendors flagged this skill as clean.
