Security Incident Log Investigation Assistant (安全事件日志调查助手)

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims, but it sends sensitive security logs to an external LLM while claiming automatic redaction that is not implemented.

Install only if you are comfortable sending selected security logs to the configured SiliconFlow/OpenAI-compatible provider. Manually redact secrets, tokens, internal hostnames, account data, and regulated information before use, protect the .env API key, and prefer pinned dependencies or a lock file for controlled environments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (10)

Context-Inappropriate Capability

High
Confidence
97% confidence
Finding
analyze_log forwards full supplied log content to a third-party LLM API without any redaction, minimization, or policy guardrails. Security logs commonly contain credentials, tokens, IPs, internal hostnames, personal data, and incident details, so this creates a real data-exfiltration and compliance risk in a security-analysis context.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The design says user-pasted security logs will be analyzed via an external LLM API, but it does not clearly warn that the raw log content may be transmitted to a third-party provider. Security logs often contain sensitive internal data, credentials, tokens, hostnames, IPs, or incident details, so missing disclosure and consent creates a real data exposure and privacy risk.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The documentation describes a log analysis assistant backed by an external API provider but does not clearly warn that user-supplied logs may be transmitted off-host to a third-party LLM service. Security logs often contain sensitive data such as IPs, usernames, internal hostnames, tokens, and incident details, so omission of this disclosure can lead to unintended data exfiltration and compliance issues.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The code sends raw user-supplied security log content to an external LLM service via `client.analyze_log(log_content, mode)` without any explicit notice, consent step, or data-sensitivity check. Security logs commonly contain IPs, usernames, tokens, stack traces, and other sensitive operational data, so silent external transmission creates a real confidentiality and compliance risk.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This file sends security log contents to an external provider but does not surface an explicit warning, consent step, or trust boundary to the caller here. In the context of a security-log analysis skill, hidden external transmission increases the chance that operators unknowingly disclose sensitive incident data.

External Transmission

Medium
Category
Data Exfiltration
Content
## API Configuration

**SiliconFlow configuration**:
- Base URL: https://api.siliconflow.cn/v1
- Model: Qwen/Qwen3-8B
- API Key: read from the .env file
Confidence
84% confidence
Finding
https://api.siliconflow.cn/

Unpinned Dependencies

Low
Category
Supply Chain
Content
openai>=1.0.0
python-dotenv>=1.0.0
tiktoken>=0.5.0
Confidence
95% confidence
Finding
openai>=1.0.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
openai>=1.0.0
python-dotenv>=1.0.0
tiktoken>=0.5.0
Confidence
97% confidence
Finding
python-dotenv>=1.0.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
openai>=1.0.0
python-dotenv>=1.0.0
tiktoken>=0.5.0
Confidence
94% confidence
Finding
tiktoken>=0.5.0

Known Vulnerable Dependency: python-dotenv — 1 advisory(ies): CVE-2026-28684 (python-dotenv: Symlink following in set_key allows arbitrary file overwrite via )

Low
Category
Supply Chain
Confidence
84% confidence
Finding
python-dotenv

VirusTotal

67/67 vendors flagged this skill as clean.
