ClawHub

AIsa Perplexity Search Sonar

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward AIsa-backed web research skill, with no hidden persistence, file access, or destructive behavior found.

Install only if you trust AIsa and are comfortable sending search queries, optional system instructions, and your AISA_API_KEY to api.aisa.one. Avoid using it for secrets, regulated data, or private workspace content unless you have reviewed the provider’s handling of that data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The top-level description is broad enough to match many generic research or help requests, increasing the chance the skill is invoked when a narrower or local-only tool would be safer. Because this skill sends data to an AIsa-backed API, overbroad routing can unintentionally transmit user prompts, proprietary research topics, or sensitive context to an external provider.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The 'When to use' section provides positive triggers but no scope limits or negative examples, which encourages over-invocation on ambiguous requests. In the context of an externally connected research skill, that can lead to unnecessary disclosure of user data and increased attack surface from broad autonomous tool selection.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The setup and usage text mentions AIsa-backed API access but does not clearly warn users that invoking the skill sends queries to an external service. This undermines informed consent and can result in sensitive prompts, business plans, or investigative topics being transmitted off-platform without the user's clear understanding.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal