Research

Security checks across malware telemetry and agentic risk

Overview

This research skill has a coherent purpose, but its setup references missing helper commands and asks users to persist an API key, so it should be reviewed before use.

Use the interactive note-taking part only if you are comfortable with research prompts and findings being saved locally. Before enabling deep research or PDF export, verify the actual parallel-research and export-pdf scripts from a trusted source, avoid system-wide symlinks unless needed, prefer a uv install method that is safer than curl | sh, and use a scoped or revocable Parallel AI API key.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The setup instructions tell the user to place an API key into a shell-loaded file and automatically export it from ~/.bashrc, but they do not warn about the security implications of persisting secrets in startup files or loading them through shell expansion. This increases the chance of accidental credential disclosure through backups, shell debugging, profile inspection, or unsafe parsing of the .env content.

Missing User Warnings

Medium
Confidence
99% confidence
Finding
The instructions pipe a remotely downloaded installer script directly into sh without any integrity verification, signature check, or warning. If the remote host, connection, or served script is compromised, this results in immediate arbitrary code execution on the user's machine.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger conditions are broad enough to activate on common exploratory conversation, which increases the chance the skill runs without the user clearly intending to start a persistent research workflow. Because this skill creates folders and documents in the user's home workspace, accidental activation can lead to unwanted file creation and unintended data retention.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs the agent to create and update files under ~/.openclaw/workspace/research without first warning the user that this is persistent storage. This can cause silent retention of prompts, research topics, and derived notes that may contain sensitive information the user expected to remain ephemeral.

VirusTotal

65/65 vendors flagged this skill as clean.
