Zai Vision

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Z.AI vision API helper, but users should understand that selected images, videos, and prompts are sent to Z.AI.

Install only if you are comfortable sending the specific images, videos, and prompts you choose to Z.AI for processing. Avoid using it on screenshots, recordings, documents, or diagrams that contain secrets, personal data, regulated data, or confidential business information unless you have approval. Use a dedicated API key where possible and consider pinning or verifying the zai-sdk dependency in controlled environments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding:
The skill says it uses the Z.AI Vision API but does not clearly warn that user-supplied images and videos are transmitted to an external third-party service for processing. Because visual inputs can contain sensitive information such as screenshots, documents, PII, credentials, or proprietary diagrams, this omission can cause users to unknowingly exfiltrate confidential data outside the local environment.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding:
The documentation encourages users to analyze local images and videos with an external API but does not clearly disclose that the referenced files are uploaded off-host to Z.AI for processing. In a vision-analysis skill, users are especially likely to submit screenshots, UI captures, logs, diagrams, and videos that may contain secrets, PII, or internal system details, so omission of a privacy warning can lead to unintended data exfiltration.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding:
The Python example explicitly reads a local image, base64-encodes it, and sends it to the external API, yet it provides no adjacent security or privacy notice about third-party transmission. Because this example also shows direct API-key usage, readers may copy it into real workflows and unknowingly send sensitive screenshots or documents to the provider, increasing risk of credential exposure, privacy violations, or leakage of proprietary information.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding:
The script sends both the user-provided prompt and the full video content to a third-party API, but it does not provide any explicit consent, warning, or redaction guidance at the point of transmission. In a vision-analysis skill, this is contextually expected behavior, but it still creates a real privacy and data-disclosure risk because videos may contain sensitive information, faces, documents, screens, or other confidential content.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding:
The script sends both the user-provided prompt and the full image contents to a third-party vision API, but it provides no explicit warning, consent flow, or data-handling notice to the user. In a skill context, this can cause unintended disclosure of sensitive screenshots, documents, UI data, or personal information to an external service, especially when users may assume analysis is local.

VirusTotal

64/64 vendors flagged this skill as clean.