Infographic Image

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says: it turns user-provided text into Chinese infographic prompts and images using DashScope, with expected privacy and API-key considerations.

Install only if you are comfortable sending the selected text, reports, meeting notes, and optional style files to DashScope under your API key. Avoid confidential or regulated documents unless you have approval, and use dry-run or prompt-output mode when you want to review the generated prompt before rendering an image.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
96% confidence
Finding
The skill documentation describes capabilities to read local files, access environment variables, write output locally, and call external DashScope services, but it declares no permissions or trust boundaries. This is dangerous because users and calling agents may not realize sensitive local content and API-backed network actions are involved, increasing the chance of unintended data exposure or unsafe execution in environments that rely on declared permissions.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The description advertises very broad, everyday use cases such as converting arbitrary long text, reports, notes, and documents into images without clear invocation constraints. In agentic environments, vague triggers can cause over-broad or accidental activation on sensitive documents, leading to unintended transmission of private content to external services.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The markdown does not prominently warn that input text or file contents are sent to external DashScope models and that generated images are downloaded and saved locally. This omission creates a meaningful privacy and data handling risk because users may provide confidential documents under the mistaken belief that processing is local-only.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The default prompt and short description are broad enough to match very common user intents such as summarizing articles, reports, notes, or turning arbitrary text into output, which increases the chance of implicit invocation in unrelated contexts. Because implicit invocation is enabled, the skill may activate on ordinary document-processing requests and send user content into an image-generation workflow without sufficiently clear scoping or user confirmation.

Natural-Language Policy Violations

Medium
Confidence
86% confidence
Finding
The metadata states that the skill generates Chinese infographic prompts by default, without indicating that this is conditional on user preference. This can override the user's requested language, causing unexpected output language, degraded usability, and possible mishandling of content in multilingual workflows.

VirusTotal

65/65 vendors flagged this skill as clean.
