TabTab Skill

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed TabTab API helper skill that sends user-directed tasks and selected files to TabTab, with manageable privacy and credential-handling cautions.

Install this only if you intend to use TabTab as a remote agent platform. Treat prompts, uploaded files, database contents, event logs, and downloaded ZIPs as potentially sensitive; verify TABTAB_BASE_URL, use a revocable API key if possible, avoid storing secrets in the skill directory, and clean up /tmp outputs when they contain private data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 74%
Finding
The invocation language is broad enough to match generic research, writing, analysis, and web tasks, increasing the chance that the skill is triggered for requests that do not require this external integration. In this skill's context, overbroad triggering is more dangerous because it can send prompts, files, and agent activity to a third-party service unnecessarily.

Missing User Warnings

Medium
Confidence: 93%
Finding
The upload workflow encourages sending local files to an external platform but does not give a prominent privacy/data-handling warning before that step. This is dangerous because users may upload sensitive documents, spreadsheets, or archives without informed consent about third-party transfer, retention, and processing.

Missing User Warnings

Medium
Confidence: 95%
Finding
The task creation and event-log sections omit a clear notice that user prompts, task contents, event logs, and potentially internal agent activity are sent to and stored by an external platform. That omission is especially risky here because the skill supports deep research, scraping, database Q&A, and downloadable logs, all of which can expose sensitive business or personal information outside the local environment.

VirusTotal

66/66 vendors flagged this skill as clean.
