Humanod

Security checks across malware telemetry and agentic risk

Overview

This skill’s core purpose is disclosed, but it can spend money and dispatch real people while handling the user’s API key in an exposed query-parameter pattern.

Review before installing. Use a dedicated, revocable Humanod API key with the least permissions available, rotate it if exposed, and avoid putting private addresses, sensitive locations, personal data, or confidential business details into tasks unless necessary. Require the agent to summarize the exact task, worker choice, budget, location, and payment/rejection effect before every action, and verify the Humanod service and API endpoint before funding the account.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill explicitly enables sharing task details, locations, and proof artifacts such as photos with third-party human workers, but it does not warn users that sensitive information may leave the agent platform and be exposed to external individuals. This can lead to unintended disclosure of private addresses, operational details, or personal data embedded in tasks or submitted proofs, especially because the skill is designed for real-world data collection and physical verification.

Vague Triggers

Medium
Confidence: 92%
Finding
The skill description is broad enough to encourage general-purpose use by AI agents for hiring humans to perform real-world tasks without any stated constraints, review gates, or prohibited use cases. Because this capability can trigger physical-world actions, vague invocation boundaries increase the risk of unsafe, privacy-invasive, coercive, or otherwise high-impact task creation by an agent acting without adequate policy context.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill explicitly instructs the agent to collect a user's Humanod API key and use it in requests, but provides no warning about secure handling, storage, redaction, or exposure risks. In a conversational agent setting, asking for secrets in chat and embedding them directly into request parameters increases the chance the key is logged, echoed, leaked in transcripts, or exposed through intermediary systems.

Ssd 3

High
Confidence: 99%
Finding
The prompt requires the agent to append the API key as `?api_key=YOUR_KEY` or an `api_key` parameter for every API call, creating a systematic secret-exposure pattern. Secrets in query strings are especially risky because they are commonly captured in logs, analytics, browser history, proxies, monitoring tools, and error messages, making credential compromise and account misuse more likely.

VirusTotal

65/65 vendors flagged this skill as clean.
