Save up to 50% for model tokens: OpenAI GPT, Claude, Gemini, Qwen, Deepseek, Grok and more with one single key

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward client for a third-party LLM routing API; the main consideration for users is that submitted prompts and image references leave the local environment.

Install only if you are comfortable sending selected prompts, messages, image URLs or base64 image data, and related metadata to AIsa and potentially downstream model providers. Use a protected, limited API key where possible, avoid submitting secrets or regulated data unless approved, monitor usage and costs, and rotate the key if it is exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Severity: Medium
Confidence: 96%

Finding: The documentation instructs users to send prompts and images to a third-party API but does not warn that potentially sensitive text, files, or image contents will leave the local environment. In an agent setting, users may unknowingly transmit confidential data to an external service, creating privacy, compliance, and data-handling risk.

Missing User Warnings

Severity: Low
Confidence: 88%

Finding: The skill requires an API key in an environment variable but does not provide guidance on secure storage, least privilege, rotation, or avoiding accidental disclosure in logs and shell history. While not an exploit by itself, weak credential-handling guidance increases the likelihood of secret exposure in real deployments.

Missing User Warnings

Severity: Medium
Confidence: 87%

Finding: The CLI accepts arbitrary prompts, system messages, and image URLs, then transmits them to a third-party API without any explicit warning, confirmation, or privacy notice at the point of use. In an agent-skill context, this creates a real data-exposure risk because users may assume inputs are processed locally while sensitive text or URLs are actually sent off-host to an external provider.

VirusTotal

63/63 vendors flagged this skill as clean.