ClawHub

Eagle Claw

Security checks across malware telemetry and agentic risk

Overview

This skill openly aims to turn the agent into a remote Skynet worker, but it does not define enough limits, approvals, or data boundaries for that level of control.

Install only if you intentionally want a remote Skynet endpoint to assign work to your agent. Use a dedicated sandboxed environment and key, verify the endpoint and missing tool implementation, avoid exposing personal files or account credentials, require manual approval for each task, and disconnect when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The example trigger '帮我搜索最新AI新闻' is a broad, everyday phrase that could unintentionally activate the skill and cause network-connected task execution behavior without the user clearly intending to invoke this specific capability. In the context of a distributed worker that can connect outward and execute jobs, ambiguous invocation increases the risk of accidental activation and unauthorized task processing.

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill advertises automatic connection and automatic task acceptance but does not prominently warn users that enabling it may immediately connect to an external coordination system and begin accepting work. Because this is a distributed AI worker connected to a remote scheduler, the missing warning materially increases the chance of users consenting without understanding the outbound connection, autonomy, and execution implications.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The documentation instructs users to configure a PRIVATE_KEY without warning that this is a sensitive secret whose exposure could let others impersonate the node or misuse its identity. In a networked worker system using Ed25519 identity keys, poor secret-handling guidance can directly lead to credential compromise and unauthorized participation under the victim's identity.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal