Drema — AI Dream Interpreter

Security checks across malware telemetry and agentic risk

Overview

This dream interpretation skill is coherent overall, but it needs review because it stores sensitive dream history and includes an unsafe image-generation path with a hardcoded API key and script execution.

Review before installing. Use this only if you are comfortable with raw dream descriptions being saved locally and later summarized. Avoid TTS or image generation for sensitive dreams unless you accept that content or prompts may go to third-party providers. The publisher should remove the embedded API key, avoid reconstructed shell-run scripts, narrow triggers, and add opt-in storage plus deletion and retention controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (9)

Description-Behavior Mismatch
Severity: High
Confidence: 97%
Finding: The skill claims to be for dream interpretation but instructs execution of an external script that calls a remote image-generation service. This materially expands the trust boundary: sensitive user-derived content is sent off-device, and the agent is directed to execute code and network operations unrelated to the core skill claim.

Context-Inappropriate Capability
Severity: Critical
Confidence: 99%
Finding: A hardcoded API key embedded in skill instructions is a real secret exposure. Anyone with access to the skill file can reuse the credential, incur cost, abuse the linked account, or pivot through the associated external service.

Context-Inappropriate Capability
Severity: High
Confidence: 96%
Finding: The skill directs the agent to reconstruct and run a Python script that monkey-patches HTTP clients to force proxy use and access an external service. In a skill context, instructions to create and execute arbitrary code significantly increase attack surface and bypass normal platform controls and review expectations.

Missing User Warnings
Severity: High
Confidence: 95%
Finding: The skill persistently stores raw dream descriptions and derived emotional/interpretive data without a user-facing privacy notice or consent flow. Dream narratives can contain intimate mental-health, relationship, trauma, and identity details, so silent long-term storage creates a real privacy and compliance risk.

Missing User Warnings
Severity: High
Confidence: 94%
Finding: The TTS feature sends report content to third-party providers without clearly telling users their data may leave the local environment. Because the report is derived from sensitive dream and emotional content, undisclosed external transmission can expose private personal data to vendors and logs outside the user's expectation.

Missing User Warnings
Severity: High
Confidence: 95%
Finding: The image-generation flow sends dream-derived prompts to an external model service without user-facing disclosure. Those prompts can encode highly personal themes, fears, relationships, and mental-state inferences, creating privacy leakage to a third party.

Ssd 3
Severity: Medium
Confidence: 94%
Finding: Persistent logging of raw dream text plus inferred emotional attributes creates a sensitive profile over time. Even if intended for user convenience, accumulating intimate psychological and behavioral data increases harm from later unauthorized access, over-retention, or unintended reuse.

Ssd 3
Severity: Medium
Confidence: 95%
Finding: The code sample explicitly saves the user's original dream text and inferred fields such as emotion, verdict, and domains into a long-term record. This is sensitive derived-data retention, which can reveal mental state and personal circumstances if exposed or repurposed.

Ssd 3
Severity: Medium
Confidence: 91%
Finding: The skill is designed to retrieve and present prior stored dream history and monthly summaries from accumulated records. That makes any privacy failure more consequential by turning stored sensitive data into a browsable dossier, increasing exposure if the wrong session or user gains access.

VirusTotal

65/65 vendors flagged this skill as clean.