ClawHub

UAPI 必应壁纸 接口

Security checks across malware telemetry and agentic risk

Overview

This skill appears to only fetch Bing’s daily wallpaper, but its discovery keywords overpromise unrelated image tools.

Install this only if you want an agent to retrieve the Bing daily wallpaper through UAPI. Do not rely on it for compression, base64 conversion, SVG conversion, NSFW detection, or general image processing. Provide a UAPI key only through normal credential handling if the service explicitly requires it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The manifest description claims this skill handles unrelated operations like image compression, image/base64 conversion, and other image tasks, while the body states it only wraps GET /image/bing-daily. This mismatch can cause incorrect skill routing or activation for requests the skill cannot safely or correctly fulfill, increasing the chance of misuse and unintended downstream API calls.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The keyword section includes unrelated operations such as image compression, base64 conversion, SVG conversion, and NSFW detection, contradicting the stated single-endpoint scope. In an agent environment, broad or misleading documentation can trigger this skill for inappropriate tasks, resulting in confused execution paths, failed calls, or wrong tool selection.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The quick-start states the skill only wraps GET /image/bing-daily, but the keyword list includes unrelated capabilities such as image compression, base64 conversion, SVG conversion, and NSFW detection. This can cause the agent to route unrelated user requests to the wrong skill, creating confused-deputy behavior, unexpected external calls, and possible leakage of user data to an endpoint that does not match the requested task.

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The documentation is internally inconsistent: it says the skill maps to only one endpoint, yet also advertises unrelated image operations as trigger phrases. Such contradictions increase the chance that an agent or orchestrator will misclassify requests and invoke this skill outside its safe scope, undermining least-privilege routing and making behavior unpredictable.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The top-level description uses overly broad triggers that cover several unrelated image operations, making activation ambiguous. This can cause the agent to select this skill for requests outside its capability, degrading security and reliability by encouraging inappropriate tool invocation.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The keyword list is overly broad and includes phrases unrelated to the documented endpoint, so the skill may match many image-related user requests it should not handle. In a multi-skill agent system, this kind of ambiguous trigger surface increases the risk of misrouting and unintended behavior.

Vague Triggers

Medium
Confidence
97% confidence
Finding
Broad unrelated trigger phrases materially expand the skill's activation surface beyond its stated purpose. In an agent environment, this can cause unintended invocation on sensitive image-processing requests, sending data or metadata to an irrelevant API path and producing incorrect results or privacy-impacting misroutes.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal