ClawHub

Chatgpt Image Gen

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is transparent about controlling ChatGPT for image generation, but it uses a real logged-in browser session and explicitly presents that as bypassing bot detection.

Review before installing. Use this only if you are comfortable letting an agent operate an already logged-in ChatGPT tab, submit prompts, inspect visible page state, click UI controls, and download files through your account. Prefer a dedicated browser profile or isolated ChatGPT session, verify the attached tab and visible page before actions, and detach or close the tab when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill directs automation against a live, logged-in ChatGPT session and includes submitting prompts and downloading outputs, but it does not provide strong safety boundaries around account-scoped actions, consent, or download handling. Because the browser session inherits the user's real permissions, a mistaken selector, prompt injection on the page, or misuse of the skill could cause unintended account actions or file downloads under the user's identity.

Ssd 2

Medium
Confidence
97% confidence
Finding
The statement that the approach 'bypasses ChatGPT's bot detection because it uses your real browser session' explicitly frames the skill as a method to evade platform anti-automation controls. Guidance that normalizes bypassing safety or anti-abuse mechanisms increases the risk of policy-violating use and encourages operation under a privileged authenticated session, making misuse easier and harder to distinguish from legitimate activity.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal