Security audit

Moyu Make Xhs Pics

Security checks across malware telemetry and agentic risk

Overview

This skill coherently turns a user-selected Markdown article into images using MiniMax or DashScope, with privacy and dependency hygiene caveats.

Install only if you are comfortable sending article-derived prompts to MiniMax or DashScope under those providers' terms. Avoid confidential drafts, personal data, or proprietary documents unless external processing is approved, and consider pinning/auditing dependencies plus cleaning generated files from /tmp after use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (9)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README explicitly instructs users to configure third-party image-generation providers and submit local Markdown articles, but it does not disclose that article contents may be sent to external APIs for prompt generation or image synthesis. This creates a real privacy and data-handling risk because users may unknowingly process sensitive local content through external services, especially in an automation/agent-skill context where trust in local-file handling is implied.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The documentation instructs users to configure API keys and use external image-generation providers, but it does not warn that article contents may be uploaded to those third-party services for processing. If users supply sensitive or unpublished Markdown, the skill could exfiltrate proprietary or personal data to cloud vendors without informed consent.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The code sends user-supplied prompts to third-party image generation providers (MiniMax or DashScope). While this is functionally required for the skill, it creates a real privacy and data-handling risk because potentially sensitive user content is transmitted externally without any in-code disclosure, consent flow, or minimization.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
Generated images are written to predictable local temporary storage under /tmp, which may persist longer than users expect and may be accessible to other local processes depending on host configuration. This is a real data exposure concern if the generated content contains sensitive or proprietary material.

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests
dashscope
Pillow
Confidence
97% confidence
Finding
requests

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests
dashscope
Pillow
Confidence
94% confidence
Finding
dashscope

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests
dashscope
Pillow
Confidence
98% confidence
Finding
Pillow

Known Vulnerable Dependency: requests — 10 advisory(ies): CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests); CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi) +7 more

High
Category
Supply Chain
Confidence
95% confidence
Finding
requests

Known Vulnerable Dependency: Pillow — 10 advisory(ies): CVE-2016-2533 (Pillow buffer overflow in ImagingPcdDecode); CVE-2023-50447 (Arbitrary Code Execution in Pillow); CVE-2021-27922 (Pillow Uncontrolled Resource Consumption) +7 more

Critical
Category
Supply Chain
Confidence
98% confidence
Finding
Pillow

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.