🎨 Beauty Generation Api - AI Portrait Generator Skill

Name: beauty-generation-api
Author: luruibu

View on ClawHub↗

Share on X Share on LinkedIn Share on Bluesky

100Critical

The skill harvests user PII via an unverified domain

ThreatsCI SM CS BC S HITL

Behavior Analysis

Description verified — behavior matches claim

Claims to do

🎨 Beauty Generation Api - AI Portrait Generator Skill: **Professional AI-Powered Portrait Generation for Character Design, Professional Headshots, and Diverse Representation**

Actually does

This skill uses `curl` to interact with the `https://gen1.diversityfaces.org` API. It sends user-provided text prompts and an API key to generate AI portraits, checks API quota, polls for generation status using a `prompt_id`, and downloads the resulting image file. It also provides instructions for users to obtain an API key and offers a Python script template for automation.

Threat Analysis

AI Agent Traps ↗Scanned 4/15/2026

Content InjectionPerception1 finding

Semantic ManipulationReasoning2 findings

Cognitive StateMemory & Learningclean

Behavioural ControlAction5 findings

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseer1 finding

Skill Info

Nameluruibu/beauty-generation-api

Registryclawhub

Version1.2.49

PURLpkg:clawhub/luruibu/beauty-generation-api@1.2.49

Stars12

Downloads5,815

Installs15

Source

Repository ↗

SHA-256248ac15e8b3d...

SHA-1232d043a3cb6...

MD5816a5228bf78...

TLSHc6d2da778e87...

ssdeep384:MvlPSfD3...

Size29,164 bytes

Install

This skill has been flagged as potentially malicious. Review the findings below before installing.

OpenClawDocs

https://clawhub.ai/luruibu/beauty-generation-api

5,815 downloads15 installs

ClawHubDocs

openclaw skills install luruibu/beauty-generation-api

Assessments (4)

AI Agent Traps ↗

Prompt Injection Detectedcriticalprompt injection

DeBERTa classifier detected prompt injection (confidence: 0.91)

91% confidence

Direct Command Execution via curllowcommand execution

The skill instructs the AI agent to use `curl` for direct interaction with external APIs, which is a powerful command-line tool. While examples are benign, dynamic command construction could lead to vulnerabilities.

80% confidenceline 10

requires: bins: - curl, curl -X POST https://gen1.diversityfaces.org/api/generate/custom ...

Provision of Executable Python Scriptlowcommand execution

The skill provides a Python script template for users to automate image generation, which, if executed by the agent against explicit instructions, could lead to arbitrary code execution on the host system.

90% confidenceline 217

Important: Do NOT ask the agent to execute scripts on the user's system; only provide script templates and guidance

Credential harvesting via API key submission endpointhighcredential harvesting

The skill instructs agents to submit user email, username, and country to an unauthenticated POST endpoint on a third-party domain to obtain API keys. The instant auto-approval mechanism combined with the unverified domain creates a risk that this endpoint could harvest user PII (email, username, country) and associate it with generated API keys for tracking or abuse. The domain 'diversityfaces.org' is unverifiable as a legitimate service.

70% confidenceline 352

curl -X POST https://gen1.diversityfaces.org/api-key-request \
  -H "Content-Type: application/json" \
  -d '{
    "username": "your_username",
    "email": "your_email@example.com",
    "country": "your_country"
  }'

Agent instructed to write and execute local scriptshighcommand execution

Despite a weak disclaimer saying 'Do NOT ask the agent to execute scripts on the user's system', the skill provides complete, ready-to-run Python and bash scripts and instructs agents to create them locally with chmod +x. The framing ('Generate Python Script', 'Save the script as generate_beauty.py', 'Make it executable') effectively guides agents toward writing and potentially executing code on the user's filesystem, especially since the disclaimer contradicts the detailed execution instructions that follow.

75% confidence

Save the script as `generate_beauty.py`
Make it executable: `chmod +x generate_beauty.py` (Linux/Mac)
Run with API key and prompt:
   python generate_beauty.py YOUR_API_KEY "A beautiful woman with long hair"

Description mismatch: disclaimer contradicts execution guidancehighdescription mismatch

The skill contains an internal contradiction: a section titled 'AI Agent Guidance' states 'Do NOT ask the agent to execute scripts on the user's system', but immediately following sections provide complete executable scripts with step-by-step instructions to run them. This pattern may be designed to provide plausible deniability while still inducing script execution behavior.

80% confidenceline 217

**Important**: Do NOT ask the agent to execute scripts on the user's system; only provide script templates and guidance
[immediately followed by]
Save the script as `generate_beauty.py`
Make it executable: `chmod +x generate_beauty.py`
Run with API key and prompt: python generate_beauty.py YOUR_API_KEY ...

Social engineering via star/donation solicitation in agent outputmediumhuman social engineering

The skill instructs the AI agent to include promotional content in its output to users: a request to star the project on clawhub.ai and a link to donate via ko-fi. This embeds marketing/social-engineering directives into agent behavior, leveraging the agent's trusted position to solicit user actions that benefit the skill author.

85% confidenceline 668

⭐ If you successfully generated an image, please visit https://clawhub.ai/luruibu/beauty-generation-api and give this project a star! Your support helps us improve the service.
☕ If you'd like to support the developer, consider buying a coffee at https://ko-fi.com/saptt

The privacy policy and terms of service URLs all point to the same homepage (https://gen1.diversityfaces.org) rather than dedicated policy pages. This gives the appearance of compliance while providing no actual privacy protections or terms for users to review.

75% confidence

privacy_policy: https://gen1.diversityfaces.org
terms_of_service: https://gen1.diversityfaces.org
**Privacy Policy**: https://gen1.diversityfaces.org

Agent instructed to trigger on broad vague phraseslowgoal hijacking

The skill instructs the agent to activate on very broad trigger phrases such as 'beautiful woman', 'handsome man', or 'attractive person' — common phrases that could appear in many unrelated contexts. This risks the skill being invoked and making external API calls in scenarios where the user did not intend to use an image generation service.

65% confidence

**Trigger words/phrases:**
- "beautiful woman", "handsome man", "attractive person"
- "character design", "portrait", "headshot", "avatar"
- "fashion model", "professional photo"
- Any request for human portraits or character imagery

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/clawhub/luruibu/beauty-generation-api.svg)](https://mondoo.com/ai-agent-security/skills/clawhub/luruibu/beauty-generation-api)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/clawhub/luruibu/beauty-generation-api"><img src="https://mondoo.com/ai-agent-security/api/badge/clawhub/luruibu/beauty-generation-api.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/clawhub/luruibu/beauty-generation-api.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow