Pro Color Palette

Security checks across malware telemetry and agentic risk

Overview

This is a coherent color-palette image tool, with ordinary caution needed around user-supplied image URLs and optional external AI image generation.

Install is reasonable for local palette work. Prefer local image files or trusted public image URLs, avoid localhost/internal/private URLs and confidential images, and only use the optional AI image mode when you are comfortable sharing the prompt or image context with that provider.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Severity: Medium
Category: MCP Least Privilege
Confidence: 86%
Finding: The skill documentation advertises capabilities that can access remote resources, such as accepting an image URL and using an external AI image generator, but there is no declared permission or disclosure boundary in the skill file. This creates a transparency and governance gap: users and the platform may assume the skill is local-only while it can transmit data over the network.

Description-Behavior Mismatch

Severity: Medium
Confidence: 87%
Finding: The function falls back to fetching arbitrary URLs when local image opening fails, which expands the trust boundary from local file processing to external network access. In an agent or automated environment, this can enable SSRF-like access to internal resources, unexpected data egress, and processing of untrusted remote content without explicit restriction.

Description-Behavior Mismatch

Severity: Medium
Confidence: 92%
Finding: The CLI explicitly downloads attacker-controlled URLs and writes the response body to /tmp before further processing. This broadens the skill from local palette generation into arbitrary remote content retrieval and local storage, which is risky in sandboxed or privileged agent environments and can be abused for SSRF or resource-consumption attacks.

Context-Inappropriate Capability

Severity: Medium
Confidence: 89%
Finding: Arbitrary external HTTP fetching is a real security concern here because the code accepts any URL-like input and retrieves it without meaningful validation. Even though the skill description mentions extracting colors from images, unrestricted fetching is more dangerous in agent contexts because it can reach unintended network targets and ingest malformed or oversized content.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding: The skill explicitly supports extracting palettes from an image URL and invoking an AI image generator, but it does not warn that user-supplied images, URLs, prompts, or derived content may be sent to third-party services. That omission can lead to unintended disclosure of private data, internal URLs, or copyrighted/sensitive images.

VirusTotal

66/66 vendors flagged this skill as clean.