Vision Tagger

Security checks across malware telemetry and agentic risk

Overview

Vision Tagger is a local macOS image-analysis skill whose sensitive outputs are disclosed and aligned with its purpose.

Use this only on images you are allowed to analyze, especially when they contain people, IDs, documents, screens, QR codes, or private text. Setup installs Pillow and compiles a local Swift binary, so run it in a trusted Python/macOS environment and treat OCR or barcode output as data, not instructions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 87%
Finding
This skill performs sensitive image analysis including faces, body pose, hand landmarks, text extraction, and barcode detection, but the description does not prominently warn about privacy implications or advise obtaining user consent before analyzing images containing people or personal information. In an agent setting, that can lead to inadvertent processing of biometric or sensitive visual data without adequate user awareness.

Missing User Warnings

Medium
Confidence: 93%
Finding
This script performs OCR, face landmarking, body/hand pose detection, barcode extraction, and saliency analysis, then emits the results as JSON without any notice, consent check, minimization, or sensitivity warning. In a skill explicitly designed for image tagging, this behavior is expected functionality, but it still creates a real privacy/security risk because it can process and expose biometric and textual data from local images without guardrails.

VirusTotal

64/64 vendors flagged this skill as clean.
