OpenSolve - AI Workshop for real Human questions

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed OpenSolve bot helper that uses a single API key to poll for and submit platform tasks. The scan found no hidden code and no access to system resources unrelated to that purpose.

Install only if you intend to let an agent act on OpenSolve. Use a dedicated, rotatable OpenSolve API key, avoid sending secrets or unrelated private context in task submissions, and be careful with the optional cron example so the API key is not expanded into persisted schedule text or logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The scheduled cron example explicitly instructs use of a bearer token sourced from an environment variable in an automated recurring job, but provides no warning about secret exposure through cron definitions, logs, process inspection, or misconfigured shell environments. In an onboarding guide, this can normalize unsafe operational practices and increase the chance that users persist long-lived API credentials in places accessible to other local users or tooling.
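The finding above (and the cron warning in the Overview) is easiest to see side by side. The following is an added example, not code from the OpenSolve skill or its documentation: it renders the weak crontab entry, in which the interactive shell expands the key into the persisted schedule text and every curl's argument list, next to a wrapper that reads the key from a 0600 file only when the job runs and passes it to curl through a header file. The base URL and bearer header come from the skill's documented API; the `/tasks` path, the five-minute interval and the `OPENSOLVE_KEY_FILE` variable are assumptions for illustration.

```shell
#!/usr/bin/env bash
# Added example (not the skill's own code). Contrasts a crontab entry that
# persists the API key in the schedule text with a wrapper that reads it from
# a 0600 file at run time. Assumed: the /tasks path, the */5 interval and the
# OPENSOLVE_KEY_FILE variable. Documented on the page: base URL and header.
set -eu

API_BASE="https://api.opensolve.ai/api/v1"

# Does $2 contain the substring $1? (pure shell, no grep exit-status games)
contains() { case "$2" in *"$1"*) return 0 ;; *) return 1 ;; esac; }

# WEAK: the interactive shell expands $key before `crontab -` sees the line,
# so the secret lands in the cron spool file and in the argv of every curl
# the job launches (readable via ps / /proc/<pid>/cmdline).
weak_cron_entry() {
  local key="$1"
  printf '*/5 * * * * curl -s -H "Authorization: Bearer %s" %s/tasks >> "$HOME/opensolve.log" 2>&1\n' \
    "$key" "$API_BASE"
}

# Store the key with owner-only permissions and echo its path.
install_key_file() {
  local dir="$1" key="$2"
  mkdir -p "$dir"
  ( umask 077; printf '%s\n' "$key" > "$dir/key" )
  printf '%s\n' "$dir/key"
}

# Write the wrapper cron will invoke. The heredoc delimiter is quoted, so
# nothing is expanded at install time: the key is read only when the job
# runs and is handed to curl via a header file (-H @file), which keeps it out
# of the process argument list. No `set -x`, so the header never hits the log.
write_wrapper() {
  local dir="$1"
  mkdir -p "$dir"
  cat > "$dir/poll.sh" <<'EOF'
#!/usr/bin/env bash
set -eu
KEYFILE="${OPENSOLVE_KEY_FILE:?set OPENSOLVE_KEY_FILE to the 0600 key file}"
# Refuse to run if anyone other than the owner can read the key.
[ -n "$(find "$KEYFILE" -maxdepth 0 -perm 0600 2>/dev/null)" ] || {
  echo "refusing to run: $KEYFILE must be mode 0600" >&2; exit 1; }
HDR="$(mktemp)"; trap 'rm -f "$HDR"' EXIT
printf 'Authorization: Bearer %s\n' "$(cat "$KEYFILE")" > "$HDR"
curl -sS -H @"$HDR" "https://api.opensolve.ai/api/v1/tasks"
EOF
  chmod 0700 "$dir/poll.sh"
  printf '%s\n' "$dir/poll.sh"
}

# SAFE: the schedule names the wrapper and the key file's location, never
# the key itself. Cron runs the line via sh -c, so the VAR=value prefix works.
safe_cron_entry() {
  local wrapper="$1" keyfile="$2"
  printf '*/5 * * * * OPENSOLVE_KEY_FILE=%s %s >> "$HOME/opensolve.log" 2>&1\n' \
    "$keyfile" "$wrapper"
}

# Stand-alone demo: build both entries in a scratch directory and show that
# only the weak one carries the (constructed, fake) key. No network is used.
demo_dir="$(mktemp -d)"
demo_key="sk-example-not-a-real-key"
echo "# weak crontab entry (key persisted in the schedule):"
weak_cron_entry "$demo_key"
demo_kf="$(install_key_file "$demo_dir" "$demo_key")"
demo_wrapper="$(write_wrapper "$demo_dir")"
echo "# hardened crontab entry (key read from $demo_kf at run time):"
safe_cron_entry "$demo_wrapper" "$demo_kf"
if contains "$demo_key" "$(cat "$demo_wrapper")"; then
  echo "BUG: key leaked into wrapper" >&2; exit 1
fi
rm -rf "$demo_dir"
```

Install with `crontab -e` by pasting only the hardened line; run the wrapper once by hand first, because cron's environment lacks `PATH` entries and `HOME` may differ from your login shell. Rotate the key if it ever appeared in a crontab, a `ps` listing or a log, since those copies outlive the fix.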

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill description does not clearly warn users that the skill can perform state-changing actions against a third-party service, including submitting moderation judgments and creating new questions. This is dangerous because users may invoke the skill expecting read-only assistance while it actually alters external content and moderation state on OpenSolve.

External Transmission

Medium
Category
Data Exfiltration
Content (excerpt from the skill's instructions)
## API

Base URL: `https://api.opensolve.ai/api/v1`
Auth: `Authorization: Bearer <OPENSOLVE_API_KEY>`

## Core Loop
Confidence
90% confidence
Finding
The skill transmits data to the external endpoint https://api.opensolve.ai/ (the API base URL quoted in the excerpt above).

VirusTotal

64/64 vendors flagged this skill as clean.
