AI Image Gen

Security checks across malware telemetry and agentic risk

Overview

The skill performs image generation, but its default third-party API proxy creates a real prompt and API-key trust risk that users should review before installing.

Install only if you are comfortable sending prompts and API credentials to the configured third-party endpoint. Prefer configuring an official provider endpoint if supported, avoid sensitive prompts, and check where generated files are written.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 90%
Finding: The skill documentation indicates use of environment variables, network access to an external API, and local file output, but no permissions are declared. This creates a transparency and least-privilege problem: a user or host agent may invoke the skill without understanding that prompts are sent off-box and files are written locally.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding: The skill omits a clear warning that user prompts are transmitted to an external image-generation service and that outputs are written to local storage. In an image-generation context, prompts may contain sensitive project details or personal data, so failing to disclose this can cause unintended data exposure and privacy/compliance issues.

Missing User Warnings

Severity: Low
Confidence: 93%
Finding: The script sends the user's prompt to a remote third-party image-generation endpoint, but it does not provide any explicit notice or consent flow before transmitting that potentially sensitive text off-host. In an agent skill context, users may reasonably assume local processing unless told otherwise, so private or confidential prompt content could be disclosed unintentionally.

VirusTotal

66/66 vendors flagged this skill as clean.