
Security audit

ifly-image-understanding

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it sends a user-chosen image and question to iFlytek's image-understanding API, with no evidence of hidden persistence, destructive behavior, or unrelated data access.

Install only if you are comfortable sending selected images and questions to iFlytek for processing. Use a dedicated iFlytek app/key if possible, monitor quota or billing, avoid highly sensitive images unless approved for that provider, and ignore or remove the stray .claude local settings file if it is not needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill documentation indicates the capability to read environment variables and make outbound network connections, but it does not declare permissions accordingly. This can mislead users or platforms about the skill's actual trust boundary, especially because it handles API credentials and sends data to a remote service. In this context, the mismatch is not overtly malicious, but it weakens informed consent and reviewability.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The usage/setup section does not clearly warn users that supplied images and prompts are sent to a third-party remote API. Because image inputs may contain sensitive personal, financial, or confidential business information, omission of this disclosure can cause unintended data exfiltration to an external provider. The skill context makes this more significant because the entire purpose of the tool is to upload user-provided visual content for analysis.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The script transmits the full image contents and the user's question to a remote third-party API, but it does not present an explicit runtime privacy notice or confirmation before sending potentially sensitive data. In an agent-skill context, users may assume local-only processing unless clearly told otherwise, creating a meaningful data exposure risk for private images or documents.

VirusTotal

64/64 vendors flagged this skill as clean.
