Lybic Sandbox

Security checks across malware telemetry and agentic risk

Overview

This skill openly gives agents powerful control over Lybic cloud sandboxes, and the risky capabilities flagged below are consistent with that purpose.

Install this only if you intend to let an agent create and control Lybic cloud sandboxes. Use a least-privileged API key, prefer environment variables or a secret manager, never commit real credentials, validate downloaded files before processing them, and expose HTTP ports only for intended services with authentication and prompt cleanup.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Medium
Confidence: 95%
Finding
The documentation instructs users how to expose a sandbox service on a public URL without any warning about authentication, data exposure, or network hardening. In the context of a cloud computer skill that can run arbitrary processes and GUI automation, this materially increases the risk of unintentionally publishing internal admin panels, debug servers, or sensitive app state to the internet.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill explicitly supports downloading files from arbitrary external URLs into the sandbox without warning about source trust, malware risk, data provenance, or privacy implications. In practice, this can lead users or downstream agents to ingest untrusted content and execute or process it automatically, increasing risk of compromise or sensitive data exposure.

Missing User Warnings

High
Confidence: 97%
Finding
The skill advertises public port forwarding and external exposure of sandbox services without an explicit warning that this can publish internal services to the internet. That can expose development servers, admin interfaces, unauthenticated apps, or sensitive data to remote attackers, especially if users assume the sandbox remains isolated.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill instructs users to supply API credentials via environment variables or directly in code examples, including a literal example showing credential parameters, but provides no warning about secret leakage. This can normalize insecure handling, leading to secrets being hardcoded, logged, committed to repositories, or exposed in transcripts and screenshots.

Missing User Warnings

Low
Confidence: 89%
Finding
The README instructs users to supply organization IDs and API keys, including an in-code example, but does not warn against hardcoding secrets, committing them to source control, or exposing them in logs. In a cloud-sandbox skill, these credentials likely grant access to sandbox creation and management, so poor documentation can lead to accidental credential leakage and unauthorized use.

Missing User Warnings

Medium
Confidence: 92%
Finding
The examples promote downloading files from HTTP URLs and creating public URL mappings for sandbox services without warning about exposing internal services, sensitive data, or using unauthenticated/public endpoints. Given this skill is specifically for cloud computers and remote automation, unsafe defaults or missing cautions can increase the chance that users unintentionally publish reachable services or ingest untrusted content into sandboxes.

VirusTotal

64/64 vendors flagged this skill as clean.