Image Tools (ImageMagick)

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent local image-editing toolkit, but two executable helpers can turn crafted image-editing parameters into unintended shell commands.

Review before installing. Use only with trusted inputs, and avoid passing untrusted annotation text, paths, colors, offsets, rotation, blur, sharpen, or border values until the helper scripts replace eval with safely quoted argument arrays and basic option validation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

High (99% confidence)

Finding
This script builds a shell command string from user-controlled inputs such as text, font, color, gravity, offset, and output path, then executes it with eval. Although some fields are wrapped in quotes, others are not, and eval causes the shell to re-parse the assembled string, enabling command injection or argument injection if an attacker supplies crafted values; in a tool explicitly meant to process untrusted user input, this is especially dangerous.

Missing User Warnings

Medium (98% confidence)

Finding
This script constructs a shell command as a string and executes it with eval, while interpolating multiple user-controlled arguments such as rotate, blur, sharpen, border, border_color, input, and output. Although some fields are wrapped in quotes, eval causes the shell to re-parse the entire string, so crafted input containing quotes or shell metacharacters can break out of the intended argument context and achieve arbitrary command execution.

VirusTotal

64/64 vendors flagged this skill as clean.