Image to Image API

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Media.io image-transformation wrapper that uses a Media.io API key and sends prompts and image URLs to Media.io, with no hidden persistence or destructive behavior found.

Install only if you are comfortable sending your prompts, image URLs, and related task data to Media.io under their terms. Use a revocable Media.io API key, avoid sensitive or internal image URLs, and install the requests dependency from a trusted source.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill documentation and examples show use of environment variables, local file references, and outbound network access, but no explicit permissions are declared. This creates a transparency and governance gap: users and platforms may not realize the skill can access secrets and make external requests, which increases the chance of unintended secret exposure or unauthorized data transmission.

Tp4

High
Category
MCP Tool Poisoning
Confidence
91% confidence
Finding
The skill is presented as a narrow image-to-image transformation tool, but the documented router can invoke arbitrary APIs defined in an external JSON spec and query other account-related endpoints such as task or usage data. This mismatch is dangerous because users may grant trust and inputs under a limited-use expectation while the implementation exposes broader functionality and a larger attack surface than advertised.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill examples instruct users to send prompts and image URLs to Media.io, but they do not clearly warn that user content will be transmitted to and processed by a third party. This can lead to accidental disclosure of sensitive images, internal URLs, or personal data, especially if users assume processing is local or do not understand the external handling of their inputs.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The documentation instructs clients to send user-supplied image URLs and prompts to a third-party endpoint, but provides no disclosure that user content leaves the local/system boundary. In a skill context, this can lead to unintended transmission of sensitive images or prompt data to an external provider without informed user awareness.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
The docs require an X-API-KEY header but do not warn against exposing API keys in logs, screenshots, examples, or shared prompts. In agent and automation environments, such omissions increase the chance that operators mishandle credentials, leading to unauthorized API use and account abuse.

VirusTotal

66/66 vendors flagged this skill as clean.
