ClawHub
Back to skill

Security audit

ERNIE Image Visual Promptsmith

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Baidu image-generation skill that uses a user API key and saves generated images locally as part of its stated workflow.

Install only if you are comfortable sending image prompts and generation settings to Baidu AI Studio using a revocable API key. Avoid sensitive or confidential prompt content, and expect generated images to be saved locally in the configured output directory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The invocation rules are overly broad: ordinary phrases like 'generate', 'draw', 'create', or 'make an image' can match normal conversation and trigger tool execution unexpectedly. In this skill, that can cause unintended API calls using the user's API key and local file downloads without an explicit confirmation boundary.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill documentation states that returned image URLs are downloaded immediately and saved locally, but the overall skill description does not clearly warn users of this behavior before use. Automatic downloading and local persistence of remote content increases privacy and storage risk and should be disclosed up front.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The documentation explicitly instructs immediate downloading of remote image content and saving it to the local filesystem, but does not require any user confirmation or warning about the network transfer and disk write. In an agent skill context, this can cause unexpected external access and persistent local file creation from model-controlled URLs, increasing the risk of silent data transfer, unsafe content ingestion, or storage of unreviewed files.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.