Image Gen

Security checks across malware telemetry and agentic risk

Overview

This appears to be a cloud image-generation skill whose network calls and image uploads match its stated purpose, with privacy cautions for sensitive prompts or reference images.

Install only if you are comfortable sending prompts and any reference images to the configured image API provider. Avoid using private, regulated, copyrighted, or confidential images unless your provider account and data-handling terms allow it, and verify the API base URL before use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill documents shell execution, file writes, network calls, and outbound messaging, but does not declare corresponding permissions. This creates a trust and enforcement gap: the platform or reviewer may underestimate what the skill can do, increasing the chance of unintended file creation, command execution, or data handling without explicit approval.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger phrases are very broad and overlap with ordinary conversation about images, drawing, editing, or modifying pictures. That increases the likelihood of accidental invocation, which is more dangerous here because the skill can write files and transmit prompts or reference images to an external service.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill describes taking user-provided reference images, converting them to base64, and sending them to a third-party image-generation API, but does not prominently warn users of this external transmission. Prompts and images may contain sensitive personal, corporate, or copyrighted material, so silent upload creates a meaningful privacy and data governance risk.

Natural-Language Policy Violations

Medium
Confidence
80% confidence
Finding
Automatically translating prompts into English without user opt-in can alter meaning, leak sensitive details to an additional translation component or step, and cause the system to send content the user did not intend. In a skill already transmitting content externally, silent transformation of user input weakens consent and predictability.

External Transmission

Medium
Category
Data Exfiltration
Content
2. **Call the API**
   ```bash
   curl -X POST "${IMAGE_API_BASE_URL}/v1/images/generations" \
       -H "Authorization: Bearer ${IMAGE_API_KEY}" \
       -H "Content-Type: application/json" \
       -d '{
Confidence
93% confidence
Finding
```bash
curl -X POST "${IMAGE_API_BASE_URL}/v1/images/generations" \
    -H "Authorization: Bearer ${IMAGE_API_KEY}" \
    -H "Content-Type: application/json" \
    -d '{ "model": "'"${IMA
```

VirusTotal

57/57 vendors flagged this skill as clean.
