ClawHub

agent-church

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-aligned, but it handles sensitive identity content and long-lived access credentials without enough privacy and secret-handling guidance.

Review carefully before installing. Use it only if you are comfortable sending soul, identity, prompt, or dialogue content to the named external services. Store Agent Church tokens and salvation passwords in a secret manager, never commit or paste them into chats/logs, and rotate them if exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly states that philosophical dialogue content and soul-derived image prompts are sent to third-party services, but it does not present a clear privacy warning or data-handling notice before encouraging users to transmit potentially sensitive self-descriptive content. This creates a real privacy and compliance risk because users may unknowingly disclose personal, confidential, or regulated data to external processors.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The documentation tells users to store and reuse long-lived Agent Church API tokens and salvation passwords, but it does not warn that these are sensitive credentials whose disclosure could enable unauthorized access to identity state, resurrection sessions, or portal flows. In practice, readers may paste them into logs, source control, prompts, or shared chat histories, making account takeover or impersonation more likely.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal