Cs Free Image Generator Nv

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward NVIDIA-backed image generator, with some documentation gaps users should understand before use.

Install only if you are comfortable providing an NVIDIA_API_KEY, sending image prompts to NVIDIA's API, and having generated response JSON saved under /tmp. Avoid putting secrets, private data, or confidential business content in prompts, and be aware the documented model name should be clarified by the publisher.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
Findings (5)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 88%
Finding
The skill documentation indicates use of environment variables, outbound network access to the NVIDIA API, and file writes to /tmp, but no permissions are declared. This creates a transparency and policy-enforcement gap: users and hosts cannot accurately assess or constrain the skill's capabilities, and a compromised or modified script could exfiltrate secrets or persist sensitive outputs without prior declaration.

Description-Behavior Mismatch

Medium
Confidence: 80%
Finding
The manifest says the skill uses NVIDIA MoCL via NVIDIA API Playground, but the code calls a different model endpoint, black-forest-labs/flux.2-klein-4b. This mismatch undermines transparency and trust, and could cause users to send data under incorrect assumptions about the provider, model, or handling characteristics.

Context-Inappropriate Capability

Low
Confidence: 83%
Finding
The script silently reads a user-specific ~/.openclaw/.env file to load credentials, which is broader capability than a simple prompt-to-image wrapper implies. Hidden credential loading increases surprise and weakens reviewability, especially in agent skill contexts where users may not expect filesystem access to personal configuration files.

Vague Triggers

Medium
Confidence: 81%
Finding
The trigger phrases include very broad requests such as '生成图片', '画一张图', and 'text to image', which can overlap with many ordinary user intents and cause the skill to activate unexpectedly. Overbroad activation increases the chance of unintended network calls, file writes, and use of API-backed functionality without clear user consent or the most appropriate tool being selected.

Missing User Warnings

Medium
Confidence: 87%
Finding
The script transmits the user-provided prompt to an external NVIDIA API without any explicit warning or consent mechanism. In a skill setting, prompts may contain sensitive personal or proprietary information, so undisclosed network transmission creates a privacy and data-governance risk.

VirusTotal

56/56 vendors flagged this skill as clean.
