Photo Organizer

Security checks across malware telemetry and agentic risk

Overview

This is a user-directed local photo organizer with some overstated documentation, but the code does not show hidden, networked, credential, or destructive behavior.

Use preview mode first, choose input and output folders carefully, and keep your own backup of important photos. Treat location sorting, tagging, and one-click undo claims as limited in this version, and verify any pip package before installing, because the code reviewed here is the local script, not a pip package.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 89%
Finding
The skill clearly describes filesystem read/write behavior for organizing and undoing photo changes, yet no explicit permissions are declared. In an agent ecosystem, undeclared file access is dangerous because users and the platform may not realize the skill can enumerate, move, overwrite, or modify local files, increasing the risk of unintended data exposure or destructive operations.

Tp4

High
Category: MCP Tool Poisoning
Confidence: 84%
Finding
The documented behavior overstates capabilities such as GPS-based location sorting and batch tagging, while the implementation reportedly does not actually perform those functions and also includes undo behavior not fully reflected in the description. Security-relevant behavior mismatches are risky because users make trust decisions based on the description; hidden or inaccurately described file operations can lead to unexpected data movement, mistaken assumptions about metadata handling, and unsafe use.

Intent-Code Divergence

Medium
Confidence: 86%
Finding
The README makes a strong safety claim that the tool defaults to copying rather than moving original photos, but the surrounding documentation does not substantiate that guarantee. For a file-management tool handling large personal photo collections, inaccurate safety claims can cause irreversible data loss if users trust the documentation and run destructive operations without additional backups.

Intent-Code Divergence

Medium
Confidence: 88%
Finding
Claiming automatic backup before execution creates a false sense of safety for users performing bulk filesystem operations on valuable personal data. If backup support is not actually implemented, users may proceed assuming rollback is guaranteed, increasing the likelihood of accidental loss or corruption of photos and metadata.

VirusTotal

66/66 vendors flagged this skill as clean.
