Huo15 Comic Storyboard

Security checks across malware telemetry and agentic risk

Overview

The skill appears to do its advertised storyboard generation, but project files can steer which local images are uploaded and where outputs are written, so it needs careful review before use.

Install only if you trust the script.json and character manifest you will run. Use a dedicated project directory, inspect manifest image paths and scene IDs before execution, and use a budget-limited ARK_API_KEY because the workflow uploads reference images to Volcengine and may incur charges.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 89%
Finding:
The skill documentation describes executing a Python script that reads local files, writes outputs, and likely calls the Seedream 4.0 service over the network, but the skill declares no corresponding permissions. This creates a transparency and policy-enforcement gap: a reviewer or runtime may treat the skill as low-privilege while it actually processes filesystem content and performs outbound requests, increasing the risk of unintended data access or exfiltration.

Missing User Warnings

Medium
Confidence: 92%
Finding:
_image_to_data_uri silently reads arbitrary local image files and base64-encodes them for transmission to the remote API when referenced by path. In a skill that processes local character cards and storyboard assets, this creates a real confidentiality risk because local files may be uploaded off-host without explicit user awareness, especially if upstream inputs can influence file paths.

Missing User Warnings

Medium
Confidence: 88%
Finding:
The video submission logic can forward reference audio and reference video to the external API with no explicit disclosure, confirmation, or path validation in this layer. Because media inputs often contain sensitive or proprietary content, silently transmitting them to a third-party service is a legitimate data-exposure issue.

VirusTotal

67/67 vendors flagged this skill as clean.
