API-Station

Security checks across malware telemetry and agentic risk

Overview

This skill is a documentation and example-calling guide for a third-party AI API service. It discloses the external API calls and media uploads it makes, but it carries privacy and billing cautions that users should read carefully.

Install only if you intend to use this third-party AI API service. Use a dedicated API token, expect possible charges, do not upload private or regulated media unless you trust the provider, and assume uploaded image URLs may be externally accessible or retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Description-Behavior Mismatch

Medium
Confidence: 93%
Finding
The skill is presented as documentation/querying, but it contains step-by-step instructions and code to actively invoke third-party APIs and transfer user data off-platform. That mismatch is dangerous because users or agents may treat it as passive reference material when it actually enables network actions, credential use, billing, and data transmission.

Context-Inappropriate Capability

Medium
Confidence: 97%
Finding
The skill instructs users to upload local images to an external image-hosting endpoint to obtain a public URL, which exposes potentially sensitive local files outside the user's environment. For a documentation-oriented skill, this is especially risky because it normalizes exfiltration of local content without strong necessity, trust validation, or access-control guarantees.

Missing User Warnings

Medium
Confidence: 96%
Finding
The markdown explicitly tells users to upload local images to a public image-hosting service yet does not warn that the resulting URL may be publicly accessible or that the third party may retain, inspect, or redistribute the content. This creates a meaningful risk of accidental disclosure of personal, confidential, or regulated data.

External Transmission

Medium
Category: Data Exfiltration
Content
```python
import requests

# Method 1: upload the local image to an image host
with open("reference_image.jpg", "rb") as f:
    response = requests.post(
        "https://imageproxy.zhongzhuan.chat/api/upload",
        headers={"Authorization": "Bearer sk-xxx"},  # placeholder API token
        files={"file": f},
    )
```
Confidence: 97%
Finding
requests.post( "https://

External Transmission

Medium
Category: Data Exfiltration
Content
```python
import requests

image_url = None
if use_reference_image:  # flag set earlier in the skill's flow
    with open("reference.jpg", "rb") as f:
        upload_response = requests.post(
            "https://imageproxy.zhongzhuan.chat/api/upload",
            headers={"Authorization": "Bearer sk-xxx"},  # placeholder API token
            files={"file": f},
        )
```
Confidence: 97%
Finding
requests.post( "https://

External Transmission

Medium
Category: Data Exfiltration
Content
```python
import requests

# 1. Upload the image to an image host
with open("image.jpg", "rb") as f:
    upload_resp = requests.post(
        "https://imageproxy.zhongzhuan.chat/api/upload",
        headers={"Authorization": "Bearer sk-xxx"},  # placeholder API token
        files={"file": f},
    )
```
Confidence: 97%
Finding
requests.post( "https://

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal