Ipfs Content Gateway

Security checks across malware telemetry and agentic risk

Overview

This is a coherent IPFS upload/retrieval skill, but users should treat uploads as public and long-lived and protect any pinning API key.

Install only if you understand IPFS-style storage: uploaded files may be reachable by anyone who gets the CID or gateway URL and may remain available after you stop using the tool. Do not upload private, regulated, or secret material unless you encrypt it first, and pass pinning API keys only through trusted secret-handling paths.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill encourages uploading and pinning files to IPFS as 'permanent content storage' but does not clearly warn that IPFS content is generally publicly retrievable by anyone with the CID and is difficult or impossible to fully revoke once replicated. This omission can lead users or downstream agents to upload sensitive data under the mistaken assumption that pinning is merely durable storage rather than effectively public distribution.

Missing User Warnings

Medium
Confidence: 95%
Finding
The upload action describes pinning content to IPFS but does not warn that uploaded files may become publicly retrievable and persist across decentralized storage and gateway caches. This can cause users or downstream agents to upload sensitive or regulated data under the mistaken assumption that the storage behaves like private temporary file hosting.

Missing User Warnings

Medium
Confidence: 92%
Finding
The schema invites users to supply a pinning_api_key but provides no warning that this is a sensitive credential that must be protected from logging, reuse, or inclusion in prompts and histories. In an agent-mediated workflow, such secrets are especially at risk of exposure through tool traces, debugging output, or shared context, which could allow unauthorized use of the user's pinning account.

VirusTotal

64/64 vendors flagged this skill as clean.
