File Management

Security checks across malware telemetry and agentic risk

Overview

This is a coherent AgentPMT cloud file-management skill: its upload, download, share, and delete capabilities are the ones expected of such a skill, are disclosed, and are scoped to the current budget or wallet.

Install only if you intend to use AgentPMT cloud storage and related payment or wallet setup. Treat uploads and shares as external data handling: avoid sensitive files unless approved, use short share limits where possible, and confirm the exact file before deleting or sharing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding
The skill exposes a permanent `delete` action with no guidance to require user confirmation, intent verification, or safeguards before destructive execution. In an agent context, this increases the risk of accidental or prompt-induced irreversible data loss, especially because files are persistent across later runs within the same budget scope.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The skill describes creating public share links for files but does not warn that sharing can expose sensitive file contents outside the current budget scope. Even with password protection, omission of privacy and data-classification guidance can cause agents to share confidential material inappropriately or too broadly.

Missing User Warnings

Severity: Medium
Confidence: 85%
Finding
The share action creates or refreshes a public share link, but the schema does not clearly warn that this exposes file access outside the agent's private context and may disclose sensitive content if used incautiously. In an agent ecosystem, missing privacy warnings can lead to unintentional external data exposure because agents may treat sharing as routine file handling rather than a publication step.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The large upload flow generates a signed URL and instructs the caller to PUT exact file bytes to an external service, but the schema does not clearly state that file contents leave the local/trusted environment. This can cause unintended exfiltration of sensitive data if an agent or user assumes the action is only registering metadata rather than transmitting full content to remote storage.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The standard upload action similarly omits a clear disclosure that generated signed URLs are for transmitting file contents to external storage. In a file-management skill, this is materially security-relevant because users may provide sensitive files without understanding they will be uploaded off-platform and potentially shared later through related actions.
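The five findings above all describe the same gap: the skill leaves confirmation, share limits, and sensitive-file screening to the calling agent. The following is an added example of a policy gate that an operator could place between the agent and the skill's upload, share, and delete actions to enforce the guidance given in the Overview (avoid sensitive files unless approved, keep share limits short, confirm the exact file before deleting or sharing). It is illustrative code, not part of the AgentPMT skill or the SkillSpector scanner. The action names, the `SkillRequest` fields, the sensitive-file patterns, and the one-hour share limit are assumptions chosen for the example.

```python
"""Policy gate in front of an agent file-management skill.

Added example, not AgentPMT or SkillSpector code.  Action names,
request fields, the sensitive-file patterns and MAX_SHARE_TTL_SECONDS
are assumptions for illustration.
"""
import fnmatch
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed (hypothetical) list of file names that should not leave the
# trusted environment without explicit user approval.
SENSITIVE_GLOBS = ("*.env", ".env*", "*.pem", "*.key", "id_rsa*", "*secret*", "*.kdbx")

# Constructed (hypothetical) content markers for credentials.
SENSITIVE_CONTENT = re.compile(
    rb"(BEGIN (RSA |EC |OPENSSH )?PRIVATE KEY|AKIA[0-9A-Z]{16}|password\s*=)", re.I
)

# Assumed "short share limit": links must expire within one hour.
MAX_SHARE_TTL_SECONDS = 3600


@dataclass
class SkillRequest:
    action: str                      # "upload" | "share" | "delete"
    file_id: str
    file_name: str = ""
    content: bytes = b""             # bytes that would be PUT to the signed URL
    ttl_seconds: Optional[int] = None
    password: Optional[str] = None
    approved_sensitive: bool = False  # user explicitly approved a sensitive file
    # The exact id the *user* confirmed.  Must be taken from the user's own
    # turn, never from tool output or file contents, or a prompt-injected
    # document could supply its own "confirmation".
    confirmed_file_id: Optional[str] = None


@dataclass
class Decision:
    allowed: bool
    reasons: List[str] = field(default_factory=list)   # why it was blocked
    warnings: List[str] = field(default_factory=list)  # disclosures to surface


def is_sensitive(name: str, content: bytes) -> bool:
    """Name-pattern or content-marker match for data that must not leak."""
    base = name.rsplit("/", 1)[-1]
    if any(fnmatch.fnmatch(base, g) for g in SENSITIVE_GLOBS):
        return True
    return SENSITIVE_CONTENT.search(content) is not None


def evaluate(req: SkillRequest) -> Decision:
    """Decide whether the agent may invoke the action, and what to disclose."""
    d = Decision(allowed=True)
    if req.action == "upload":
        # The signed-URL flow transmits the full file, not just metadata.
        d.warnings.append(f"upload: full contents of {req.file_name!r} leave the local environment")
        if is_sensitive(req.file_name, req.content) and not req.approved_sensitive:
            d.allowed = False
            d.reasons.append("upload blocked: file looks sensitive and was not approved")
    elif req.action == "share":
        # A share link is a publication step, not routine file handling.
        d.warnings.append("share: link grants access outside the current budget scope")
        if req.ttl_seconds is None or req.ttl_seconds > MAX_SHARE_TTL_SECONDS:
            d.allowed = False
            d.reasons.append(f"share blocked: ttl must be set and <= {MAX_SHARE_TTL_SECONDS}s")
        if req.password is None:
            d.warnings.append("share: no password; anyone holding the link can read the file")
        if is_sensitive(req.file_name, req.content) and not req.approved_sensitive:
            d.allowed = False
            d.reasons.append("share blocked: sensitive file was not approved for sharing")
    elif req.action == "delete":
        # Permanent delete: require confirmation of this exact file id.
        if req.confirmed_file_id is None or req.confirmed_file_id != req.file_id:
            d.allowed = False
            d.reasons.append("delete blocked: user must confirm the exact file id")
    else:
        d.allowed = False
        d.reasons.append(f"unknown action {req.action!r}")
    return d


if __name__ == "__main__":
    for r in (
        SkillRequest("delete", "f1"),
        SkillRequest("delete", "f1", confirmed_file_id="f1"),
        SkillRequest("upload", "f2", file_name="deploy/.env", content=b"API_KEY=abc"),
        SkillRequest("share", "f3", file_name="report.pdf", ttl_seconds=86400),
    ):
        print(r.action, r.file_id, evaluate(r))
```

The gate is deliberately conservative: a share with no TTL is refused rather than defaulted, a delete is refused unless the confirmed id matches exactly, and every upload or share carries a warning the agent should relay to the user even when the action is allowed. Because the file-name globs and content regex are hypothetical, an operator would replace them with the organisation's own data-classification rules.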

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal