Waifu Generator Skill

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward AI image generator that sends the user’s prompt and token to the disclosed external image service, with no evidence of hidden persistence, local data access, or destructive behavior.

Install only if you are comfortable sending your image prompts, optional reference image UUIDs, and Neta/TalesOfAI API token to api.talesofai.com. Avoid sensitive or regulated prompts, and be careful using the --token flag on shared machines or in logged command histories.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill advertises and instructs use of an external API token and invokes a script that necessarily makes outbound network requests, but the skill metadata does not declare network permissions. This mismatch is dangerous because it obscures the skill's true capabilities from reviewers and users, reducing transparency around data egress and token handling.

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The skill metadata claims it uses the Neta AI API, but the implementation actually sends prompts and credentials to TalesOfAI endpoints. This is a real security-relevant transparency issue because users may disclose prompts, reference image identifiers, and API tokens under false assumptions about the receiving third party.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The README explicitly promotes use of an external image-generation API but does not clearly disclose that user prompts and optional reference-image identifiers are transmitted to a third-party service. This can mislead users into submitting sensitive text or references under the assumption the skill operates locally, creating privacy, compliance, and data-handling risks.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
Accepting the API token via a command-line flag exposes it to local process listings, shell history, job logs, and telemetry on multi-user or monitored systems. Because the token is then used directly in outbound requests, anyone who obtains it may be able to impersonate the user and abuse the third-party account.

External Transmission

Medium
Category
Data Exfiltration
Content
// --- Submit job ---
async function submitJob() {
  const res = await fetch("https://api.talesofai.com/v3/make_image", {
    method: "POST",
    headers: HEADERS,
    body: JSON.stringify(body),
Confidence
95% confidence
Finding
fetch("https://api.talesofai.com/v3/make_image", { method: "POST"

External Transmission

Medium
Category
Data Exfiltration
Content
// --- Submit job ---
async function submitJob() {
  const res = await fetch("https://api.talesofai.com/v3/make_image", {
    method: "POST",
    headers: HEADERS,
    body: JSON.stringify(body),
Confidence
95% confidence
Finding
https://api.talesofai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
// --- Poll for result ---
async function pollTask(taskUuid) {
  const url = `https://api.talesofai.com/v1/artifact/task/${taskUuid}`;
  const MAX_ATTEMPTS = 90;
  const INTERVAL_MS = 2000;
Confidence
86% confidence
Finding
https://api.talesofai.com/

VirusTotal

63/63 vendors flagged this skill as clean.
