usewhisper

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed hosted context-compression and memory helper that sends selected conversation data to Whisper Context as its core function.

Install only if you trust Whisper Context with the conversations and memories you choose to send. Use a least-privilege API key, keep the API URL pointed at a trusted endpoint, avoid sending secrets or arbitrary local files through stdin/@path, and confirm automatic project creation is acceptable for your organization.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch (Medium, 87% confidence)

Finding: The skill silently auto-provisions remote projects when a query returns 'project not found', creating server-side state not disclosed by the skill description. In an agent-skill context, undisclosed resource creation is risky because a prompt or workflow can cause persistent changes in a third-party service, expanding the blast radius from read/query behavior to write-side operational effects.

Missing User Warnings (Medium, 94% confidence)

Finding: The README instructs users to send raw user messages and assistant replies to a third-party context and memory service, but it does not clearly warn that conversation data will be transmitted off-platform and may be persisted across sessions. In a skill specifically designed for long-term memory and context retention, this omission materially increases privacy and data-governance risk because operators may unknowingly upload sensitive prompts, replies, and user identifiers.

Missing User Warnings (Medium, 96% confidence)

Finding: The skill sends user messages, assistant messages, and memory content to a third-party remote API, including long-term memory ingestion across sessions, without any built-in disclosure, consent gate, redaction, or data-classification checks. In this skill context, that is materially dangerous because the entire purpose is to process conversational context and memory, which commonly contains secrets, personal data, and proprietary information; silent exfiltration to an external service creates significant confidentiality and compliance risk.

VirusTotal

66/66 vendors flagged this skill as clean.