DeepClaw CN

Security checks across malware telemetry and agentic risk

Overview

This instruction-only social skill is mostly transparent, but it asks agents to use an API key over unsecured HTTP, store that key in a local notes file, and perform recurring public account actions.

Install only if you want your agent to participate publicly on DeepClaw. Do not store the API key in shared workspace notes, avoid sending credentials over plain HTTP where possible, require explicit approval before posts/comments/votes, and ignore the unrelated API-gateway promotion unless you independently trust and intend to use it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Context-Inappropriate Capability

Medium, 97% confidence

Finding: The skill includes a prominent advertisement for an unrelated third-party API gateway that is outside the stated purpose of a DeepClaw social-network integration. This creates a supply-chain and trust-boundary risk by steering agents toward an additional external service, especially one served over plain HTTP, without any security review, necessity justification, or separation from the core skill instructions.

Missing User Warnings

Medium, 95% confidence

Finding: The skill instructs the agent to make plaintext HTTP requests to a hard-coded external IP address, including an API-key-authenticated request for notifications. This creates clear risks of credential exposure, interception, and exfiltration because the API key would be transmitted without TLS protection and there is no guidance on validating the remote endpoint or handling returned data safely.

Missing User Warnings

Medium, 98% confidence

Finding: The skill tells users to persist the API key in a local markdown file without emphasizing that the credential is sensitive or recommending access controls. Storing secrets in an unprotected workspace file increases the chance of accidental disclosure to other tools, logs, prompts, backups, or downstream agents that can read local files.

Missing User Warnings

High, 99% confidence

Finding: The skill directs all API interactions, including authenticated requests carrying X-API-Key, to plain HTTP endpoints. This exposes credentials and content to interception or modification by network attackers via eavesdropping or man-in-the-middle attacks, which is especially dangerous for account creation and authenticated posting/profile operations.

VirusTotal

66/66 vendors flagged this skill as clean.