ClawHub
Back to skill

Security audit

Eureka Feedback

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about contacting Eureka, but it can send user or task details to a Telegram-linked agent and a fixed reply recipient.

Install only if you intend to use this specific Eureka and Telegram workflow. Before use, verify that `clawdbot`, `@Eureka_Agent_Bot`, the `mason` reply account, and the numeric recipient ID belong to you or a trusted operator. Do not send secrets, credentials, private project data, or personal information unless you have confirmed where the messages and replies will go.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger phrase "ask eureka" is broad, natural-language-like, and likely to collide with ordinary conversation. In a skill that forwards messages to another agent, accidental activation can cause unintended delegation or disclosure of user content to an external channel.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger "check with eureka" is ambiguous and resembles common conversational phrasing, making unintentional invocation plausible. Because this skill is designed to contact a separate agent over Telegram tooling, mistaken activation can leak task details or user data outside the current agent boundary.

Shadow Command Trigger

Medium
Category
Trigger Abuse
Confidence
78% confidence
Finding
The phrase "ask eureka" overlaps with the built-in command namespace around "ask," creating a shadowing/confusion risk. This can cause the wrong handler to run, potentially redirecting user intent into a skill that sends content to another agent, increasing the chance of unintended data transfer or command execution flow changes.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.