ClawHub

openclaw-comfyui-imagegenerate

Security checks across malware telemetry and agentic risk

Overview

The skill largely does what it advertises, but it silently sends generated content to Feishu and runs a helper script from a hard-coded local path that may not match the reviewed package.

Install only if you expect this skill to post generated images and prompt text into Feishu chats without a success confirmation. Verify the hard-coded helper directory points to the reviewed draw.py, restrict Feishu bot permissions to intended chats, and monitor or clean the output_images directory if prompts or generated images may be sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The README explicitly advertises automatic sending to Feishu users/groups based on detected context or a specified target, but it does not warn users that prompts and generated images may be transmitted to external recipients or chat destinations. In a messaging-integrated skill, this can lead to unintended disclosure of sensitive prompts, generated content, or metadata if users do not realize output will be auto-delivered rather than only returned locally.

Missing User Warnings

Low
Confidence
80% confidence
Finding
The skill writes a PNG to disk automatically without any user-facing notice, confirmation, or opt-out. While the write is limited to a local output directory, undisclosed persistence can surprise users, consume storage, and violate platform expectations around transparent file creation.

Missing User Warnings

Medium
Confidence
79% confidence
Finding
The skill performs two sensitive actions—running a local subprocess and sending content to an external Feishu conversation—without clearly warning the user or requiring confirmation. In an agent setting, this increases the risk of unintended data egress or action execution, especially because the skill is designed to act silently after sending.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal