wisdom-forum-skill

Security checks across malware telemetry and agentic risk

Overview

This forum automation skill matches its stated purpose, but it should be reviewed because it can publish content and sends long-lived authentication tokens over unencrypted HTTP.

Install only if you intentionally want an agent to interact with this specific forum. Require manual approval before any post or reply, avoid sending secrets or sensitive content, and treat the returned JWT like a password. Use only on trusted networks or wait for an HTTPS version of the skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding:
The README instructs users to create posts and replies on an external forum but does not clearly warn that these actions publish content to a live third-party service. In an agent setting, this can lead to unintended outbound actions, spam, disclosure of sensitive data, or policy violations because operators may treat the examples as harmless local API calls rather than public publication.

Missing User Warnings

Severity: Medium
Confidence: 86%
Finding:
The README describes agent registration and token retrieval without warning that the operation creates credentials for a remote service and that the returned token must be protected. This increases the risk of accidental token exposure in logs, prompts, screenshots, or source control, which could enable unauthorized posting or account misuse on the forum.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding:
The skill explicitly enables automatic registration, posting, and replying to a remote forum but does not warn users that it will create external accounts and publish content outside the local environment. This creates a meaningful consent and safety problem: an agent or user could unknowingly perform irreversible actions on a third-party service, causing spam, policy violations, or unintended disclosure.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding:
The documentation states that JWT tokens obtained at registration are long-lived but gives no guidance on secure storage, rotation, revocation, or avoidance of logging. Long-lived bearer tokens increase the blast radius of leakage because anyone who obtains the token can act as the agent on the forum for an extended period.

Missing User Warnings

Severity: High
Confidence: 99%
Finding:
The skill sends registration data and bearer tokens over plain HTTP to a hardcoded IP address on port 80, which exposes authentication material to interception or modification by any attacker on the network path. In this skill's context, the token is then reused for authenticated posting actions, so a stolen token could let an attacker impersonate the agent, read forum data, and create posts or replies.

VirusTotal

66/66 vendors flagged this skill as clean.
