Rei-Clawd

Security checks across malware telemetry and agentic risk

Overview

This skill transparently configures Rei as a Clawdbot model provider, but users should handle the API key carefully.

Install only if you intend to use Rei for Clawdbot model traffic. Use a dedicated revocable Rei API key, avoid pasting secrets into shared chats or logs, review ~/.clawdbot/clawdbot.json after setup, and keep the backup/revert script available.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill instructs users to run a setup script that modifies local Clawdbot configuration, updates the model allowlist, and restarts the gateway, but it does not clearly warn that local settings and service state will be changed. This can lead to unexpected configuration drift or service disruption, especially when executed through an agent with limited user scrutiny.

Missing User Warnings

High
Confidence: 97%
Finding
The skill explicitly tells users to provide an API key in chat to an agent, which creates a secret-handling risk because chat transcripts, logs, telemetry, or downstream tools may retain or expose the credential. In the context of an agent skill, this is more dangerous because users may assume the workflow is sanctioned and paste sensitive tokens without understanding where they are stored.

Missing User Warnings

Medium
Confidence: 89%
Finding
The script stores the provided API key directly into the user's persistent Clawdbot configuration file in plaintext. While this is likely intended for normal provider setup rather than abuse, it creates credential exposure risk if the config file is readable by other local users, copied into backups, committed accidentally, or collected by other tooling.

VirusTotal

64/64 vendors flagged this skill as clean.
