Google Gemini Media

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Gemini media workflow guide, with expected use of a Gemini API key, Google API calls, and local media input/output examples.

Before installing or using this skill, confirm you are comfortable sending selected prompts and media files to Google for processing and using a Gemini API key that may consume quota or incur billing. Avoid uploading confidential, regulated, or third-party media unless authorized, keep the API key out of source code, and change example output filenames or directories when existing files should not be overwritten.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 92%
Finding:
The skill repeatedly instructs users to upload local images, videos, and audio to Google-hosted APIs, but it does not clearly and prominently warn that this sends potentially sensitive media off-system to a third party. In a media workflow skill, that omission can cause accidental disclosure of confidential, personal, or regulated content, especially because the examples normalize direct upload flows via Files API and inline data.

Missing User Warnings

Low
Confidence: 85%
Finding:
The examples write generated outputs such as images, audio, and videos to fixed filenames in the working directory without warning users that files will be created or overwritten. This is lower severity than data exfiltration, but it can still cause unintended local file modification, loss of prior outputs, or confusion when run in shared or automation contexts.

VirusTotal

64/64 vendors flagged this skill as clean.
