ClawHub

Drip director

Security checks across malware telemetry and agentic risk

Overview

This is a coherent image-generation workflow, but users should understand it uses local reference images, a Google API key, external Gemini calls, and cleanup of generated intermediates.

Install only if you are comfortable sending reference images, generated outputs, briefs, and constraints to Google/Gemini and using a Google API key. Keep unrelated sensitive images out of the OpenClaw inbound media folder, review each confirmation step, and preserve any intermediate outputs before convergence if you want to keep them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
84% confidence
Finding
Triggering on any image-generation request is overly broad and can cause the skill to activate in contexts where the user did not intend this pipeline or its side effects. In this skill, activation can lead to local file enumeration, external API use, and stateful workflow behavior, so broad matching expands the chance of unintended data handling.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill sends generated images, reference-derived brief data, and constraints to an external Gemini API, but the user-facing description does not clearly disclose this transmission. That creates a privacy and consent risk because users may provide sensitive photos or brand assets without understanding they will be sent off-box to a third party.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill instructs deletion of intermediate files via rm without a clear user-facing warning that generated artifacts may be removed automatically. This can cause unexpected data loss, especially if the user expected to keep iteration outputs for review or audit.

External Transmission

Medium
Category
Data Exfiltration
Content
]}]}')

# Call Gemini API — capture HTTP status and body separately
HTTP_STATUS=$(curl -s -w "%{http_code}" -o /tmp/sd-critique.json \
  "https://generativelanguage.googleapis.com/v1beta/models/gemini-2.5-flash:generateContent?key=$GOOGLE_API_KEY" \
  -H "Content-Type: application/json" \
  -d "$PAYLOAD")
Confidence
97% confidence
Finding
curl -s -w "%{http_code}" -o /tmp/sd-critique.json \ "https://generativelanguage.googleapis.com/v1beta/models/gemini-2.5-flash:generateContent?key=$GOOGLE_API_KEY" \ -H "Content-Type: application/

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal