SiliconFlow Qwen Vision

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it sends a user-chosen image and prompt to SiliconFlow for vision analysis, with no hidden persistence or unrelated behavior found.

Install only if you are comfortable sending selected images and prompts to SiliconFlow. Avoid private screenshots, documents, faces, or regulated content unless external processing is approved, and prefer an environment variable or secret manager over typing API keys directly on the command line.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README instructs users to analyze images using a third-party SiliconFlow/Qwen2.5-VL API and explains how to provide an API key, but it does not clearly warn that image contents and prompts will be transmitted to an external service. This can cause accidental disclosure of sensitive images or metadata, especially because the skill is explicitly for image understanding and users may submit private photos, documents, or screenshots.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill sends user-supplied images and prompts to an external SiliconFlow-hosted model, but the documentation does not clearly warn users that their content leaves the local environment. This can cause unintentional disclosure of sensitive images, embedded metadata, or confidential prompt content to a third party, especially in enterprise or regulated contexts.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script base64-encodes the user-supplied image and transmits it to a third-party API, but the CLI does not provide a clear, explicit user-facing warning that local image contents will leave the machine. This matters because images may contain sensitive visual data or embedded metadata, and users may assume local-only processing from the skill description.

External Transmission

Medium
Category
Data Exfiltration
Content
"max_tokens": 2048
    }
    
    response = requests.post(url, headers=headers, json=payload, timeout=120)
    
    if response.status_code != 200:
        print(f"Error: API 返回错误 {response.status_code}", file=sys.stderr)
Confidence
93% confidence
Finding
requests.post(url, headers=headers, json=

VirusTotal

66/66 vendors flagged this skill as clean.