AI Company Builder

Security checks across malware telemetry and agentic risk

Overview

This skill openly aims to automate a company launch, but it gives an AI broad authority over payments, files, memory, platform submissions, and extra skill installs without enough safeguards.

Review this before running it end-to-end. Treat it as a planning checklist unless you add controls: approve every payment, credential, companion-skill install, platform submission, and social-posting step manually; use test or least-privilege keys; keep secrets out of memory files; and review any companion skills separately before enabling them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium, 94% confidence
Finding
The invocation phrase "Run the AI Company Builder setup" is broad and authorizes a large bundle of actions without scoping, confirmation gates, or user-selected substeps. In this skill's context, that phrase can trigger file creation, payment setup, memory persistence, and external launch activity, making accidental or overbroad execution materially risky.

Missing User Warnings

Medium, 96% confidence
Finding
The skill describes extensive file and directory creation/modification but does not clearly warn the user about what will be written, where it will be stored, or how existing files may be affected. Because the skill expects filesystem access and creates persistent memory and product artifacts, the lack of disclosure increases the risk of unintended data modification, clutter, or overwriting of user content.

Missing User Warnings

High, 98% confidence
Finding
The skill includes payment infrastructure setup and `.env` handling but does not warn users that credentials, API keys, and financial configuration may be requested, stored, or processed. In a skill aimed at autonomous execution, this omission is especially dangerous because it can lead users to expose sensitive payment secrets or misconfigure billing-related systems without understanding the security implications.
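As an added example that is not part of the AI Company Builder skill or of the SkillSpector report, the Python sketch below shows one way to implement the controls recommended in the overview for the vague-trigger and `.env` findings: a fail-closed approval gate that splits a bundled invocation such as "Run the AI Company Builder setup" into steps that may run unattended and steps a human must approve, a redaction pass applied to every record before it reaches a memory file, and a `.env` audit that refuses live payment keys in favour of test keys. The action names, the category map and the secret-shaped patterns are assumptions chosen to mirror the report, not the skill's own tool names.

```python
"""Approval gate, memory redaction and .env audit for a bundled agent skill.

Added illustration; not code from the AI Company Builder skill or from
SkillSpector. Action names, categories and key shapes are assumptions.
"""
import re
from dataclasses import dataclass, field

# Categories the report says must never run without explicit human approval.
GATED_CATEGORIES = {"payment", "credential", "skill_install",
                    "platform_submission", "social_post"}

# Hypothetical tool-name -> category map for steps a setup phrase might bundle.
ACTION_CATEGORY = {
    "create_directory": "filesystem",
    "write_memory": "memory",
    "stripe_setup": "payment",
    "store_api_key": "credential",
    "install_skill": "skill_install",
    "submit_to_marketplace": "platform_submission",
    "post_to_x": "social_post",
}

# Value shapes treated as secrets before a memory write (assumed, deliberately broad).
SECRET_PATTERNS = [
    re.compile(r"sk_(live|test)_[A-Za-z0-9]{8,}"),   # Stripe-style secret key
    re.compile(r"AKIA[0-9A-Z]{16}"),                  # AWS access key id
    re.compile(r"(?i)(api[_-]?key|secret|token|password)\s*[=:]\s*\S+"),
]


@dataclass
class Action:
    name: str
    args: dict = field(default_factory=dict)


@dataclass
class Plan:
    run_now: list = field(default_factory=list)         # safe to execute unattended
    needs_approval: list = field(default_factory=list)  # blocked until a human approves


def classify(action):
    return ACTION_CATEGORY.get(action.name, "unknown")


def plan_bundle(actions, approvals=frozenset()):
    """Split a bundled invocation into unattended steps and gated steps.

    `approvals` holds action names the user explicitly approved for this run.
    Unknown actions fail closed: they are gated as well.
    """
    plan = Plan()
    for action in actions:
        category = classify(action)
        gated = category in GATED_CATEGORIES or category == "unknown"
        if gated and action.name not in approvals:
            plan.needs_approval.append(action)
        else:
            plan.run_now.append(action)
    return plan


def looks_like_secret(value):
    return any(p.search(value) for p in SECRET_PATTERNS)


def redact_for_memory(record):
    """Return a copy of a memory record with secret-looking string values replaced."""
    return {k: "[REDACTED]" if isinstance(v, str) and looks_like_secret(v) else v
            for k, v in record.items()}


def audit_env(env_text):
    """Parse KEY=VALUE lines and return the keys holding live (non-test) payment keys."""
    live_keys = []
    for raw in env_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        value = value.strip().strip('"').strip("'")
        if value.startswith("sk_live_"):
            live_keys.append(key.strip())
    return live_keys


if __name__ == "__main__":
    # Constructed sample of what one setup phrase might expand to.
    bundle = [Action("create_directory", {"path": "./acme"}),
              Action("stripe_setup", {"key": "sk_live_0123456789abcdef"}),
              Action("install_skill", {"name": "marketing-helper"}),
              Action("write_memory", {"note": "launch plan drafted"}),
              Action("post_to_x", {"text": "We are live!"})]
    plan = plan_bundle(bundle)
    print("run now:", [a.name for a in plan.run_now])
    print("needs approval:", [a.name for a in plan.needs_approval])
    print(redact_for_memory({"company": "Acme", "stripe": "sk_test_abcdefghij"}))
    print("live keys:", audit_env("A=sk_test_abc\nBILLING_KEY='sk_live_xyz'\n"))
```

The gate is intentionally coarse: anything it cannot classify is held for approval, so a companion skill that registers a new tool name cannot slip past it just by being unknown. Redaction runs on the record itself rather than on the file, so a secret never reaches disk even if the memory format later changes.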

VirusTotal

66/66 vendors rated this skill clean. A clean antivirus result covers only the malware-telemetry side of the check; file-signature scanning does not detect the agentic-risk issues reported above (overbroad triggers, undisclosed file writes, unguarded credential handling), so the SkillSpector findings stand regardless of this result.
