ClawHub

ClawdCursor

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real desktop automation skill, but it gives an agent broad screen-control power and tells it to start a hidden local service without enough explicit user control.

Install only if you intentionally want an agent that can see and operate your desktop. Review the external repository before running setup, prefer local/Ollama mode for private screens, start the service only when you explicitly need it, and require confirmation before opening sensitive apps, sending messages, deleting data, making purchases, or changing settings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The invocation guidance is broad enough that an orchestrating agent may route many generic desktop or browser tasks to this skill, which has powerful GUI-control capabilities. In this context, overbroad triggering increases the chance of unnecessary access to on-screen sensitive data, unintended interaction with local apps, and execution of higher-risk automation when safer direct tools would suffice.

Vague Triggers

Medium
Confidence
90% confidence
Finding
Saying the listed uses are 'examples, not limits' leaves the operational boundary open-ended for a skill that can open apps, inspect screens, and manipulate arbitrary UI elements. In a high-privilege desktop automation skill, ambiguous scope makes unsafe overuse more likely and can undermine the stated safety policy by encouraging application to unforeseen sensitive workflows.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal