Mockup Gen Skill

Security checks across malware telemetry and agentic risk

Overview

This image-generation skill appears purpose-aligned, but users should treat prompts, reference images, and API tokens as data sent to a third-party service.

Install only if you trust the Neta/talesofai service and the publisher. Use a limited API token, avoid private or sensitive prompt/image inputs, and prefer not to paste tokens directly into command lines.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
78% confidence
Finding
The skill declares only Bash tooling and does not disclose the network capability implied by its behavior, which reduces transparency and weakens user/admin review of what the skill can do. Because the skill handles an API token and makes outbound requests, undeclared network use can expose secrets or send data to external services without clear user awareness.

Tp4

High
Category
MCP Tool Poisoning
Confidence
96% confidence
Finding
The skill advertises use of the Neta API but static analysis indicates it actually contacts a different external service (api.talesofai.cn) and supports additional reference-based image editing not disclosed in the description. This mismatch is dangerous because users may provide prompts, API tokens, or images under false assumptions about where data is sent and how it is processed, creating a strong risk of credential misuse, data exfiltration, or deceptive behavior.

Description-Behavior Mismatch

Medium
Confidence
98% confidence
Finding
The skill metadata says it uses the Neta AI image generation API, but the implementation sends prompts and the provided token to unrelated talesofai.cn endpoints. This mismatch is a serious trust and transparency issue because users may disclose credentials and content under false assumptions about the recipient service.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README explicitly instructs users to pass an API token on the command line, which can expose the secret through shell history, process listings, audit logs, and CI/job output. In this skill's context, the risk is real because the tool is intended for CLI usage and encourages direct token entry without any warning or safer alternative.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The code transmits both user-supplied prompt content and an authentication token to an external service without any user-facing disclosure in the tool itself. In an agent skill context, this is risky because prompts may contain sensitive data and tokens may be reused or abused if the destination is not the expected provider.

External Transmission

Medium
Category
Data Exfiltration
Content
// --- Submit job ---
async function submitJob() {
  const res = await fetch("https://api.talesofai.cn/v3/make_image", {
    method: "POST",
    headers: HEADERS,
    body: JSON.stringify(body),
Confidence
83% confidence
Finding
fetch("https://api.talesofai.cn/v3/make_image", { method: "POST"

External Transmission

Medium
Category
Data Exfiltration
Content
// --- Submit job ---
async function submitJob() {
  const res = await fetch("https://api.talesofai.cn/v3/make_image", {
    method: "POST",
    headers: HEADERS,
    body: JSON.stringify(body),
Confidence
83% confidence
Finding
https://api.talesofai.cn/

VirusTotal

65/65 vendors flagged this skill as clean.
