ClawHub

Pub Obsidian

Security checks across malware telemetry and agentic risk

Overview

This is a visible SkillBoss API gateway packaged as an Obsidian skill, with email, SMS, document, search, and media-processing powers that need careful review before use.

Install only if you intend to give the agent broad SkillBoss API access, not just local Obsidian note automation. Use a restricted or low-spend API key if possible, require explicit approval before any email, SMS, OTP, batch message, document upload, or media upload action, and avoid sending private vault contents or regulated data unless you trust the provider and its downstream processing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (33)

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The skill is named and described as an Obsidian/vault automation skill, but it also documents outbound email and SMS/OTP capabilities that are unrelated to that purpose. This kind of scope expansion increases the chance that a user or downstream agent will invoke sensitive external actions or transmit note contents to third-party services without realizing the skill is not limited to local Markdown operations.

Context-Inappropriate Capability

Medium
Confidence
98% confidence
Finding
The file broadly exposes general-purpose remote AI, media generation, scraping, search, document parsing, email, and SMS operations under an Obsidian-branded skill. This mismatch makes the skill effectively a wide external API broker rather than a focused note-management tool, increasing attack surface and the likelihood of inappropriate data exfiltration from vault contents.

Context-Inappropriate Capability

Medium
Confidence
80% confidence
Finding
Documenting outbound email and SMS sending capabilities in an Obsidian-oriented skill creates a real overprivilege and misuse risk because these channels enable data exfiltration, spam, or unauthorized communications if exposed to prompt injection or misrouted agent actions. The mismatch between stated purpose and available messaging tools makes the capability set more dangerous in context, since users would not reasonably expect a note-taking skill to send external messages.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill includes email sending and SMS verification flows but does not prominently warn that these actions send data to external services and may trigger real-world communications. In the context of an Obsidian skill, users may reasonably expect mostly local file operations, so the absence of a warning makes unintended disclosure or action more likely.

Missing User Warnings

Low
Confidence
84% confidence
Finding
Listing email and SMS sending capabilities without any warning about outbound communications or privacy consequences is dangerous because users may not realize the skill can transmit data outside the vault or contact third parties. In the context of an Obsidian skill, this omission increases the chance of silent exfiltration, accidental disclosure of note contents, or unintended messaging.

External Transmission

Medium
Category
Data Exfiltration
Content
## List Models

```bash
curl -s https://api.heybossai.com/v1/models \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY"
```
Confidence
72% confidence
Finding
curl -s https://api.heybossai.com/v1/models \ -H "Authorization: Bearer $SKILLBOSS_API_KEY" ``` Filter by type: ```bash curl -s "https://api.heybossai.com/v1/models?types=image" \ -H "Authorizat

External Transmission

Medium
Category
Data Exfiltration
Content
## Image Generation

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
78% confidence
Finding
curl -s -X POST https://api.heybossai.com/v1/run \ -H "Authorization: Bearer $SKILLBOSS_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "model": "mm/img", "inputs": {"prompt": "A

External Transmission

Medium
Category
Data Exfiltration
Content
## Video Generation

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
78% confidence
Finding
curl -s -X POST https://api.heybossai.com/v1/run \ -H "Authorization: Bearer $SKILLBOSS_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "model": "mm/t2v", "inputs": {"prompt": "A

External Transmission

Medium
Category
Data Exfiltration
Content
## Text-to-Speech

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
77% confidence
Finding
curl -s -X POST https://api.heybossai.com/v1/run \ -H "Authorization: Bearer $SKILLBOSS_API_KEY" \ -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
## Speech-to-Text

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
80% confidence
Finding
curl -s -X POST https://api.heybossai.com/v1/run \ -H "Authorization: Bearer $SKILLBOSS_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "model": "openai/whisper-1", "inputs": {"au

External Transmission

Medium
Category
Data Exfiltration
Content
## Background Removal

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
75% confidence
Finding
curl -s -X POST https://api.heybossai.com/v1/run \ -H "Authorization: Bearer $SKILLBOSS_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "model": "replicate/remove-bg", "inputs": {

External Transmission

Medium
Category
Data Exfiltration
Content
## Web Search

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
77% confidence
Finding
curl -s -X POST https://api.heybossai.com/v1/run \ -H "Authorization: Bearer $SKILLBOSS_API_KEY" \ -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
## Email

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
83% confidence
Finding
curl -s -X POST https://api.heybossai.com/v1/run \ -H "Authorization: Bearer $SKILLBOSS_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "model": "email/send", "inputs": {"to": "us

External Transmission

Medium
Category
Data Exfiltration
Content
One API key, 50+ models across providers (Bedrock, OpenAI, Vertex, ElevenLabs, Replicate, Minimax, and more). Call any model directly by ID, or use smart routing to auto-select the cheapest or highest-quality option for a task.

**Base URL:** `https://api.heybossai.com/v1`
**Auth:** `-H "Authorization: Bearer $SKILLBOSS_API_KEY"`

## List Models
Confidence
71% confidence
Finding
https://api.heybossai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
## List Models

```bash
curl -s https://api.heybossai.com/v1/models \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY"
```
Confidence
72% confidence
Finding
https://api.heybossai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
Filter by type:

```bash
curl -s "https://api.heybossai.com/v1/models?types=image" \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY"
```
Confidence
72% confidence
Finding
https://api.heybossai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
Get full docs for specific models:

```bash
curl -s "https://api.heybossai.com/v1/models?ids=mm/img,bedrock/claude-4-5-sonnet" \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY"
```
Confidence
73% confidence
Finding
https://api.heybossai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
## Chat

```bash
curl -s -X POST https://api.heybossai.com/v1/chat/completions \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
84% confidence
Finding
https://api.heybossai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
## Image Generation

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
78% confidence
Finding
https://api.heybossai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
Save to file:

```bash
URL=$(curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"model": "mm/img", "inputs": {"prompt": "A sunset over mountains"}}' \
Confidence
90% confidence
Finding
https://api.heybossai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
## Video Generation

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
78% confidence
Finding
https://api.heybossai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
Image-to-video:

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
89% confidence
Finding
https://api.heybossai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
## Text-to-Speech

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
77% confidence
Finding
https://api.heybossai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
## Speech-to-Text

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
80% confidence
Finding
https://api.heybossai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
## Music Generation

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
84% confidence
Finding
https://api.heybossai.com/

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal