An AI skill for OpenClaw that generates professional diagrams from natural language descriptions using EdrawMax AI APIs.

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims, but its downloader weakens HTTPS protections before saving generated image files, so it should be reviewed before use.

Install only if you are comfortable sending diagram prompts to EdrawMax and saving the generated files locally. Keep secrets, confidential business plans, regulated data, and sensitive internal process details out of prompts. Before relying on generated files, especially SVGs, fix the downloader so that HTTPS certificate and hostname verification stay enabled, and ideally restrict downloads to the expected EdrawMax or OSS domains.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium severity, 93% confidence
Finding
The skill instructs the agent to always download generated assets and save them locally, but does not require prior user notice or consent for local file writes. Silent disk writes can surprise users, consume storage, and create persistence of potentially sensitive or unsafe content on the local system.

Missing User Warnings

Medium severity, 92% confidence
Finding
The documentation states that `user_id` is derived from the `X-User-ID` header and the examples show generated artifacts being stored at remote OSS URLs, but it does not warn users that prompts, identity-linked metadata, and outputs are sent to an external service and persisted remotely. In a skill that may handle user-provided project plans, process descriptions, or knowledge maps, this omission can cause unintentional disclosure of sensitive business or personal information.

Missing User Warnings

Medium severity, 99% confidence
Finding
The code explicitly disables TLS certificate validation and hostname checking before downloading the asset URLs returned by the remote service. With verification off, any on-path attacker or malicious network intermediary can substitute arbitrary PNG/SVG content, so transport security is defeated and the downloaded files cannot be trusted. Because SVG is an active format in some renderers (it can carry scripts and event handlers), the downstream risk is higher than simple image corruption.
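The pattern this finding describes, shown beside a hardened downloader, as an added example that is not the skill's own code. The allowlisted host name, the PNG/SVG checks and the injectable `opener` are assumptions made for illustration; substitute the real EdrawMax or OSS hosts the API actually returns.

```python
"""Insecure vs. hardened asset download for an AI diagram skill (added example)."""
import re
import ssl
import urllib.request
from urllib.parse import urlparse

# Assumed placeholder allowlist; replace with the real EdrawMax / OSS hosts.
ALLOWED_HOSTS = {"assets.example-edrawmax.test"}

PNG_MAGIC = b"\x89PNG\r\n\x1a\n"
# Script blocks, inline event handlers and javascript: URLs make an SVG "active".
_SVG_ACTIVE = re.compile(rb"<script\b|\bon[a-z]+\s*=|javascript:", re.IGNORECASE)


def insecure_context() -> ssl.SSLContext:
    """The pattern the finding flags: certificate and hostname checks disabled,
    so whoever sits on the network path can serve arbitrary bytes."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def secure_context() -> ssl.SSLContext:
    """The default context already enforces CERT_REQUIRED and hostname checks;
    the fix is simply to stop turning them off."""
    return ssl.create_default_context()


def is_allowed_url(url: str) -> bool:
    """Accept only https to an expected host; reject userinfo tricks such as
    https://good.host@evil.host/ which parse to hostname 'evil.host'."""
    p = urlparse(url)
    return p.scheme == "https" and p.username is None and p.hostname in ALLOWED_HOSTS


def classify_asset(data: bytes) -> str:
    """Return 'png', 'svg', 'svg-active' or 'unknown' for downloaded bytes."""
    if data.startswith(PNG_MAGIC):
        return "png"
    head = data.lstrip()[:512].lower()
    if head.startswith(b"<?xml") or head.startswith(b"<svg"):
        return "svg-active" if _SVG_ACTIVE.search(data) else "svg"
    return "unknown"


def download_asset(url: str, dest: str, opener=None) -> str:
    """Fetch with TLS verification on and an allowlisted host, refuse SVGs that
    carry script, and only then write to disk. `opener` is injectable so the
    logic can be exercised offline; the default uses the verified context."""
    if not is_allowed_url(url):
        raise ValueError(f"refusing download from unexpected URL: {url}")
    if opener is None:
        def opener(u):
            with urllib.request.urlopen(u, context=secure_context(), timeout=30) as r:
                return r.read()
    data = opener(url)
    kind = classify_asset(data)
    if kind == "svg-active":
        raise ValueError("SVG contains script or event handlers; not saving")
    if kind == "unknown":
        raise ValueError("response is neither PNG nor SVG; not saving")
    with open(dest, "wb") as fh:
        fh.write(data)
    return kind
```

The host allowlist is the part most likely to need adjustment: it should match the exact hosts the API returns, not a suffix match, and the `p.username is None` check prevents an `https://trusted@attacker/` URL from passing. The SVG check is deliberately conservative; a production version would parse the XML and strip or reject scripting elements rather than pattern-match.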

VirusTotal

66/66 vendors flagged this skill as clean.