aliyun-image

Security checks across malware telemetry and agentic risk

Overview

This skill provides Alibaba Cloud image generation, editing, translation, and download helpers; users should understand that the prompts and images they select are sent to a paid cloud API.

Install only if you are comfortable using an Alibaba DashScope API key and sending selected prompts, image URLs, local image files, and translation settings to Alibaba Cloud. Avoid confidential or regulated images unless approved, monitor billing, keep the API key secret, and save downloads into a dedicated output folder to avoid overwriting important files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Description-Behavior Mismatch

Severity: Medium
Confidence: 93%
Finding
The skill exposes arbitrary URL download plus arbitrary local file write via the download command, functionality that is broader than the declared image generation/editing/translation scope. In an agent setting, this can be abused to fetch attacker-chosen content and overwrite or place files at user-specified paths, increasing the risk of unsafe file writes or staging unwanted content on the host.

Description-Behavior Mismatch

Severity: Low
Confidence: 84%
Finding
The edit path silently supports reading arbitrary local files when the provided image argument matches an existing path. In an agent context, this expands the skill from remote image operations to local file access, which could unintentionally exfiltrate local images or other files if path handling is not tightly constrained and documented.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The README demonstrates sending prompts, image URLs, and translated image content to Alibaba Cloud endpoints, but it does not warn users that submitted text and image data leave the local environment and may be retained or processed by a third party. In a skill centered on image generation/editing/translation, this omission is materially relevant because users may upload sensitive images or business content without understanding the privacy implications.

Missing User Warnings

Severity: Low
Confidence: 84%
Finding
The README instructs users to set DASHSCOPE_API_KEY but does not explicitly warn that the key is a secret that must not be hardcoded, committed, logged, or shared. This increases the chance of accidental credential exposure, especially because the file includes example code and CLI usage that users may adapt into scripts or repositories.

Vague Triggers

Severity: Medium
Confidence: 78%
Finding
The trigger list includes broad, common phrases such as 生成图片, 修图, and 图片翻译, which can cause the skill to activate unintentionally during normal conversation. Accidental activation is risky here because the skill can transmit user-supplied text or image references to an external API and potentially incur cost.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The skill documentation shows that user text, image URLs, and image translation inputs are sent to Alibaba DashScope, but it does not clearly warn users that their content leaves the local environment. In a multimodal skill, this omission materially increases privacy and compliance risk because images may contain sensitive personal, business, or regulated information.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding
The document encourages uploading local files, remote image URLs, and Base64-encoded images to a third-party API but provides no warning about privacy, data ownership, consent, or copyright implications. In this skill context, users are specifically likely to submit personal photos or proprietary images for editing, so omission of disclosure meaningfully increases the risk of unintended external data exposure.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding
The API reference instructs users to send prompts and a bearer API key to a third-party cloud endpoint but does not warn that user text and credentials are transmitted off-box to Alibaba Cloud. In a skill context, missing disclosure can cause accidental sharing of sensitive prompts, images, or secrets, especially if users assume processing is local.

VirusTotal

59/59 vendors flagged this skill as clean.