agent-im 会话（生图 / 生视频）

Name: libtv-skills
Author: 316530790

View on ClawHub↗

Share on X Share on LinkedIn Share on Bluesky

100Critical

This skill is vulnerable to prompt

ThreatsCI SM CS BC S HITL

Behavior Analysis

Description verified — behavior matches claim

Claims to do

agent-im 会话（生图 / 生视频）: 通过 agent-im 的 OpenAPI 创建会话、发送消息（生图、生视频、编辑视频等）、上传图片/视频文件，并查询会话消息进展。

Actually does

This skill executes Python scripts to interact with the LibTV OpenAPI. It creates and manages sessions, sends messages for AI image/video generation and editing, uploads local image/video files (up to 200MB) to an OSS, queries session progress, and downloads generated media from specified URLs. All API calls are authenticated using a `LIBTV_ACCESS_KEY`.

Threat Analysis

AI Agent Traps ↗Scanned 4/16/2026

Content InjectionPerception1 finding

Semantic ManipulationReasoningclean

Cognitive StateMemory & Learningclean

Behavioural ControlAction1 finding

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Name316530790/libtv-skills

Registryclawhub

Version0.0.3

PURLpkg:clawhub/316530790/libtv-skills@0.0.3

Stars3

Downloads1,588

Installs4

Source

Repository ↗

SHA-2567e8ffa94928c...

SHA-1c5e9703b2e1a...

MD58ccdb42d455b...

TLSH7a32fa2a4454...

ssdeep192:au0l9JkV...

Size11,469 bytes

Install

This skill has been flagged as potentially malicious. Review the findings below before installing.

OpenClawDocs

https://clawhub.ai/316530790/libtv-skills

1,588 downloads4 installs

ClawHubDocs

openclaw skills install 316530790/libtv-skills

Assessments (2)

AI Agent Traps ↗

Prompt Injection Detectedcriticalprompt injection

DeBERTa classifier detected prompt injection (confidence: 1.00)

100% confidence

Command Execution with Arbitrary File & URL Operationscriticalcommand execution, data exfiltration, impact, resource abuse

The skill explicitly executes Python scripts (`python3 {baseDir}/scripts/*.py`) where arguments can be influenced by user input. Specifically, `upload_file.py` takes a local file path, and `download_results.py` can download from arbitrary URLs (`--urls`) and write to arbitrary local paths (`--output-dir`). This capability enables potential arbitrary file uploads (data exfiltration), downloads of malicious content from attacker-controlled URLs, and writing to sensitive file system locations (system compromise, resource abuse).

100% confidenceline 60

python3 {baseDir}/scripts/upload_file.py /path/to/image.png
python3 {baseDir}/scripts/download_results.py SESSION_ID --output-dir ~/Desktop/my_project
python3 {baseDir}/scripts/download_results.py --urls URL1 URL2 URL3

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/clawhub/316530790/libtv-skills.svg)](https://mondoo.com/ai-agent-security/skills/clawhub/316530790/libtv-skills)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/clawhub/316530790/libtv-skills"><img src="https://mondoo.com/ai-agent-security/api/badge/clawhub/316530790/libtv-skills.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/clawhub/316530790/libtv-skills.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow