Film Image Gen

Security checks across malware telemetry and agentic risk

Overview

This is a coherent image-generation skill, but it bundles plaintext third-party API keys and sends prompts and reference image URLs to an external API with limited user control and disclosure.

Review before installing. Use only with non-sensitive prompts and image URLs, and avoid relying on bundled shared API keys; the publisher should rotate/remove those keys and require user-provided credentials or a managed secret mechanism.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Context-Inappropriate Capability

Severity: High
Confidence: 99%
Finding:
The skill documentation contains hardcoded primary and backup API keys, which exposes live credentials to anyone who can read the file and enables unauthorized use of the third-party image API. This is especially dangerous because the keys grant external network access and billing capability, creating risk of account abuse, cost incurrence, and potential access to generated content or related service data.

Context-Inappropriate Capability

Severity: High
Confidence: 99%
Finding:
The script contains two plaintext API keys and automatically fails over to the backup key on error. Hardcoded secrets are a real credential exposure risk because anyone with access to the script can extract and misuse them to make unauthorized API calls, incur charges, and potentially access account-scoped resources. In an agent skill context, embedding live third-party keys is especially dangerous because skills are often shared, logged, or inspected by multiple systems and users.

Vague Triggers

Severity: Medium
Confidence: 77%
Finding:
The trigger conditions are written very broadly, so the skill may activate on common requests involving images, design, or drawing without sufficiently confirming user intent. In a skill that sends prompts and URLs to an external API and may consume paid credentials, accidental activation can cause unintended data disclosure and unwanted external actions.

Missing User Warnings

Severity: High
Confidence: 95%
Finding:
The skill does not clearly warn users that their prompts and reference image URLs will be transmitted to a third-party service for processing. This creates a privacy and compliance risk because users may provide sensitive text or links without understanding that the data leaves the local system and is handled by an external provider.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding:
The documentation notes that one model supports web search for image generation but does not warn that enabling it will send user queries to additional external network services. That omission can expose sensitive prompts, search intent, or contextual information beyond the primary image API without informed consent.

VirusTotal

65/65 vendors flagged this skill as clean.
