AIML Embeddings Generator

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward AIMLAPI embeddings helper, with the main privacy consideration that submitted text is sent to AIMLAPI and results are saved locally.

Install only if you are comfortable sending the text you embed to AIMLAPI. Avoid embedding secrets, regulated data, or confidential documents unless approved, use a dedicated AIMLAPI key where possible, and write results to a safe output directory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 91%
Finding
The skill advertises capabilities that require access to environment variables, filesystem read/write, and network, but it does not declare permissions for them. This creates a transparency and policy-enforcement gap: users or hosting platforms may not realize the skill can access secrets like AIMLAPI_API_KEY, write files, and send data over the network. In this context, the skill is intended to call an external embeddings API and save outputs, so the capabilities are expected, but the missing declarations still weaken security review and least-privilege controls.

Missing User Warnings

Low
Confidence: 88%
Finding
The README instructs users to send arbitrary input text to an external embeddings API but does not explicitly warn that the content will leave the local environment and be processed by a third party. This can cause accidental disclosure of sensitive data if users assume the tool is purely local, especially in semantic search or clustering workflows that often involve proprietary documents.

Missing User Warnings

Medium
Confidence: 86%
Finding
The script sends arbitrary user-supplied text in --input to an external third-party API, but provides no explicit warning, consent prompt, or data-handling notice. In agent/automation contexts, this can cause unintended exfiltration of sensitive prompts, documents, or secrets if users assume processing is local.

VirusTotal

66/66 vendors flagged this skill as clean.