OpenRouter Image Generation

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward image-generation helper that sends prompts and optional reference images to OpenRouter and saves the generated image locally.

Install only if you intend to use OpenRouter for image generation. Avoid sending confidential prompts, private photos, secrets, or sensitive designs, and use an API key with spending limits where possible.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 88%
Finding:
The skill documentation indicates capabilities to read environment variables, write files, and make network requests, but it does not declare permissions explicitly. This creates a governance and transparency gap: an agent or reviewer may invoke the skill without understanding it can access API keys, write artifacts, and send data off-host to OpenRouter. In this context, those capabilities are expected for image generation, but undeclared sensitive capabilities still increase risk if the skill is over-invoked or modified later.

Vague Triggers

Medium
Confidence: 73%
Finding:
The invocation description is broad enough to match many common image-related requests, which can cause the skill to be selected in situations the user did not intend. Because the skill performs external network calls and file writes, overbroad routing can lead to unnecessary transmission of user prompts or reference images to a third-party API. The context makes this somewhat more concerning than a pure local utility, though it is primarily a routing/scope issue rather than a direct exploit primitive.

Missing User Warnings

Medium
Confidence: 89%
Finding:
The script sends user prompts and optional reference images to an external API, but it provides no explicit warning or consent mechanism at runtime. In an agent skill context, users may reasonably assume local-only processing, so sensitive text or private images could be transmitted off-device without informed consent.

VirusTotal

66/66 vendors flagged this skill as clean.
