Novita AI Multimodal

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Novita AI integration, but users should handle API keys and uploaded media carefully.

Install only if you are comfortable sending prompts, images, audio, or related URLs to Novita AI and paying for generated outputs. Use a dedicated Novita key with limited balance where possible, store it in a config file or environment variable rather than chat, and avoid submitting sensitive personal, confidential, or regulated media.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Context-Inappropriate Capability

Medium
Confidence: 97%
Finding
The skill explicitly instructs the agent to inspect user messages for API keys and treat credentials supplied in chat as a normal configuration path. This expands the skill from multimodal generation into credential-handling, increasing the chance of collecting, retaining, or exposing secrets through chat logs, prompt injection, debugging output, or downstream tooling.

Missing User Warnings

High
Confidence: 99%
Finding
The documentation tells users to include an API key directly in a request, encouraging disclosure of secrets in plain language without any warning about logging or retention. Chat channels are commonly persisted and visible to operators, plugins, or audit systems, so this creates a direct credential-exposure risk.

Missing User Warnings

Medium
Confidence: 90%
Finding
The execution flow normalizes sending user prompts and potentially media to a third-party API but does not disclose that content will leave the local environment. For a multimodal skill, external transmission is expected, but the missing privacy notice can mislead users into sharing sensitive text, images, audio, or video without informed consent.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill explicitly instructs the agent to source an API key from the user message, a local config file, or an environment variable without any user-facing disclosure or consent step. This creates a real secret-handling risk because the agent may silently access credentials from local or ambient sources, increasing the chance of unintended use, cross-context secret exposure, or use of a more privileged key than the user intended.

Missing User Warnings

Medium
Confidence: 90%
Finding
The API reference repeatedly instructs users to send prompts, images, audio files, and possibly Base64-encoded media to a third-party service, but it provides no warning about privacy, retention, consent, or sensitive-data handling. In a multimodal skill, users may reasonably submit personal photos, voice recordings, or confidential text, so the absence of disclosure and safeguards increases the risk of unintentional data exposure or policy noncompliance.

Missing User Warnings

Medium
Confidence: 95%
Finding
The examples instruct sending attached user-provided images, audio, and text to external API endpoints without any privacy notice, consent step, or data-handling guidance. In a multimodal skill, users may provide sensitive media or documents, so omission of transmission warnings can lead to unintentional disclosure of personal, confidential, or regulated data to a third-party service.

Missing User Warnings

Medium
Confidence: 88%
Finding
The test cases normalize sending attached images, audio, and text to third-party API endpoints without any disclosure, consent flow, or privacy warning. In a multimodal skill, users may provide sensitive media or documents, so silent external transmission creates a real data-sharing and privacy risk.

Ssd 3

Medium
Confidence: 99%
Finding
Instructing users to place API keys directly in chat requests promotes unsafe secret handling and creates an avoidable exposure path. If a user follows this guidance, the credential may be stored in transcripts, telemetry, screenshots, or support logs and later abused for unauthorized API usage.

VirusTotal

63/63 vendors flagged this skill as clean.