Intent Engine

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent intent-classification dashboard, but it starts an unauthenticated debug web server, bound to all network interfaces, that can modify persisted routing configuration.

Install only if you are comfortable running a local Flask management service. Bind it to localhost, disable debug mode, add access control before using it on any shared machine or network, and export or back up intent data before using import, edit, or delete features.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Vague Triggers

Severity: Medium
Confidence: 77%
Finding: The activation phrases such as '识别意图', '分类任务', and '智能路由' are broad, generic terms that may appear in ordinary conversation. Overbroad triggers can cause accidental invocation of the skill, leading to unintended routing decisions or exposing management/classification behavior when the user did not explicitly request it.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding: The documentation promotes REST CRUD, hot updates, JSON import/export, and delete/edit capabilities but does not warn that these operations persist to disk and may irreversibly alter or remove intent configuration. In a management interface, missing warnings increase the risk of accidental destructive changes and unsafe operator assumptions.

Unpinned Dependencies

Severity: Low
Category: Supply Chain
Content: flask>=3.0.0
Confidence: 95%
Finding: flask>=3.0.0

Known Vulnerable Dependency: flask — 8 advisory(ies): CVE-2025-47278 (Flask uses fallback key instead of current signing key); CVE-2018-1000656 (Flask is vulnerable to Denial of Service via incorrect encoding of JSON data); CVE-2019-1010083 (Pallets Project Flask is vulnerable to Denial of Service via Unexpected memory u) +5 more

Severity: High
Category: Supply Chain
Confidence: 87%
Finding: flask

VirusTotal

VirusTotal findings are pending for this skill version.
