Hostex

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Hostex API skill with sensitive account access, but the access is disclosed and purpose-aligned, and write actions are guarded.

Install only if you intend to let an agent access Hostex account data. Use a read-only or least-privilege Hostex token where possible, leave HOSTEX_ALLOW_WRITES unset except for a specific approved change, review dry-run or planned changes before confirming writes, avoid broad reservation or conversation reads unless needed, and do not set HOSTEX_BASE_URL unless it points to a trusted Hostex endpoint.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence: 92%
Finding
The reservation query endpoints expose extensive PII and sensitive stay data, including guest names, phone numbers, emails, ID document details, lock codes, deposit amounts, and check-in guide URLs. In an agent skill context, this is especially risky because broad read access can enable silent data harvesting, privacy violations, physical security exposure, and misuse of guest credentials or access instructions.

Missing User Warnings

Medium
Confidence: 90%
Finding
The conversation endpoints expose guest contact details and full message contents, which may contain highly sensitive personal, financial, travel, or access-related information. In a skill used by autonomous agents, this creates a meaningful risk of overcollection, unintended disclosure, prompt injection via message content, and privacy abuse if the data is retrieved without strong warnings and constraints.

Missing User Warnings

Medium
Confidence: 94%
Finding
The OAuth endpoints handle client secrets, access tokens, and refresh tokens, but the specification does not warn consumers that these values are highly sensitive credentials requiring secure storage and non-disclosure. In an agent setting, absent guidance increases the chance that secrets are logged, echoed back to users, persisted insecurely, or exposed through tool traces.

VirusTotal

66/66 vendors flagged this skill as clean.
