LobsterBio - Use

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed bioinformatics helper for Lobster AI, with expected network, workspace, and credential use, but users should handle API keys and sensitive data carefully.

Install this if you intend to use Lobster AI for bioinformatics work and trust the external lobster-ai runtime. Use a dedicated workspace, avoid --global unless needed, do not process regulated or confidential biological or clinical data unless your LLM provider and environment are approved, and prefer setup methods that do not expose API keys in command-line arguments or logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 80%
Finding
The trigger list contains broad terms such as 'cluster', 'run QC', 'bioinformatics', and 'drug discovery' that can match ordinary conversation and cause unintended invocation of a powerful skill. In this skill's context, accidental activation is more dangerous because the tool can access networks, process external datasets, and write workspace files, increasing the chance of unnecessary data exposure or unsafe autonomous actions.

Missing User Warnings

Medium
Confidence: 96%
Finding
The documentation recommends invoking `lobster init --non-interactive --anthropic-key "$ANTHROPIC_API_KEY"`, which places the secret on the command line. Command-line arguments can be exposed to other local users via process listings and may also be captured in shell history, CI logs, or debugging output, making the API key easier to leak. In this skill's orchestration context, users are likely to automate setup in shared servers, notebooks, or CI environments, which increases practical exposure risk.

VirusTotal

64/64 vendors flagged this skill as clean.
