GPT-image2

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward command-line image generator that calls RedFox APIs and saves generated images locally, with no evidence of hidden or destructive behavior.

Install only if you are comfortable sending prompts, API keys, and any reference images you choose to redfox.hk. Do not use confidential images or regulated data, and set a private output directory if generated files should not remain in Downloads/QoderImages. The built-in public API key is disclosed, but using your own revocable key is safer for account control.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence: 90%
Finding
The README says users can 'simply describe the image you want in natural language — no commands to memorize,' which makes ordinary conversational requests double as skill-invocation input. Overly broad invocation guidance increases the chance of unintended activation and ambiguous routing, especially in agent environments where normal user chat may be interpreted as permission to perform external API calls or generate/download files.

Missing User Warnings

Medium
Confidence: 94%
Finding
The README's output example shows automatic downloading and saving of generated images to a local filesystem path, but it does not warn users that local file writes will happen. In an agentic setting, silent file creation can surprise users, consume disk space, overwrite expected locations, or normalize behavior where external content is fetched and persisted without explicit consent.

Vague Triggers

Medium
Confidence: 90%
Finding
The README instructs users to invoke the skill with ordinary natural-language requests like “帮我画…” (“help me draw…”), which is broad enough to overlap with normal conversation and can cause accidental activation. In an agent setting, this increases the chance that unrelated conversational content is interpreted as an instruction to generate and download images, potentially triggering unintended external API usage and file output.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill supports image editing by uploading prompts and local reference images to an external service, but the documentation does not clearly warn users that this data leaves the local machine. This can expose sensitive images, metadata, or confidential prompt content to a third party without adequate user awareness.

Missing User Warnings

Low
Confidence: 90%
Finding
The skill writes generated images to a default local output directory, but the documentation does not prominently warn users of this behavior. This may lead to unintended local storage of sensitive or regulated content in a predictable location, where it could later be accessed by other users, backup tools, or syncing services.

VirusTotal

63/63 vendors flagged this skill as clean.
