HokiPoki

Security checks across malware telemetry and agentic risk

Overview

HokiPoki appears purpose-built for routing work to other AI tools, but it needs Review because it can send broad project contents off-machine, auto-apply remote patches, and run a listener using local AI accounts.

Install only if you trust the HokiPoki CLI and are comfortable sending selected project content to remote AI providers. Prefer specific files over directories or --all, use --no-auto-apply and review diffs before accepting changes, avoid secrets or regulated data, and run provider/listener mode only for trusted workspaces with accounts you are willing to expose for that purpose.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 92%
Finding
The description contains broad trigger phrases such as 'ask another AI', 'get a second opinion', and 'switch models' that could activate in ordinary conversation without the user intending to invoke this skill. Because the skill can send tasks, files, directories, or even an entire project to another machine/model, accidental invocation increases the chance of unintended data disclosure or execution of remote-sharing workflows.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill shows commands that send specific files, directories, or the whole project to another AI via a P2P network, but it does not clearly warn the user that project contents may leave the local machine and be exposed to another provider/model. Although it mentions encryption and that API keys stay local, that reassurance can downplay the more important privacy and confidentiality risk: source code and sensitive files may be transmitted off-host.

VirusTotal

66/66 vendors flagged this skill as clean.
