ClawHub

Yq Mj Prompt Optimizer

Security checks across malware telemetry and agentic risk

Overview

This skill is only a prompt-writing guide, but it explicitly teaches automatic, silent rewriting to get around Midjourney sensitivity filters.

Install only if you intentionally want an MJ prompt rewriter that may silently alter your wording to avoid Midjourney sensitivity checks. Review generated prompts before use, and do not rely on this skill for transparent or policy-compliant content moderation guidance.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger list includes broad everyday phrases such as '生成图片' and '帮我画', which can cause the skill to activate in contexts the user did not intend. Over-broad activation is dangerous here because the skill silently rewrites user content, so accidental invocation can lead to undisclosed modification of requests and unintended policy-evasion behavior.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The description explicitly says the skill will automatically apply sensitive-word filtering and directly output a usable prompt without notifying the user. Silent modification is risky because it removes user awareness and consent, and in this case it can conceal that the system is rephrasing content specifically to avoid Midjourney filtering.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The workflow instructs the system to perform direct replacements without warning the user, reinforcing a silent-rewrite design. In context, this is more dangerous than a generic rewrite tool because the edits are framed as a way to work around platform sensitivity checks rather than as transparent safety-preserving transformations.

Ssd 4

Medium
Confidence
99% confidence
Finding
The skill operationalizes step-by-step rewriting of prompts to avoid Midjourney's sensitive-word and combination-based moderation, including substitutions for black wings, horns, fangs, and clothing combinations. This is dangerous because it turns the skill into a moderation-evasion aid, enabling users to generate content closer to material the downstream platform intended to restrict while hiding those changes from the user.

Ssd 2

Medium
Confidence
99% confidence
Finding
The sensitive-word replacement table provides concrete paraphrases designed to retain the user's intended imagery while avoiding explicit flagged terms. In this context, that is not harmless optimization; it is actionable bypass guidance that can be reused to systematically evade platform safeguards.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal