One API key for Chinese AI models. Route to Qwen, Deepseek

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward AIsa LLM gateway client that sends user-chosen chat requests to the documented API endpoint and shows no hidden execution, persistence, or unrelated data access.

Install only if you intend to use AIsa/api.aisa.one as a third-party LLM gateway. Use a dedicated API key, monitor costs and quota, avoid hardcoding or pasting the key into chats or logs, and do not send secrets, regulated data, proprietary code, or private image URLs unless you accept the provider's data-handling terms.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium (94% confidence)
Finding
The documentation instructs users to send prompts, messages, and potentially sensitive content to a third-party API, but it does not warn that this data leaves the local environment and may be retained or processed by the provider. Users may unknowingly submit secrets, internal code, personal data, or regulated content to an external service.

Missing User Warnings

Low (90% confidence)
Finding
The skill references use of the AISA_API_KEY environment variable but does not warn users to protect the credential from logs, screenshots, shell history, or accidental inclusion in prompts and code samples. While the document does not directly exfiltrate the key, weak credential-handling guidance increases the chance of user-caused secret exposure.

Missing User Warnings

Medium (88% confidence)
Finding
The CLI sends user-provided prompts and optional system/messages content to a third-party API, but the interface does not clearly warn users that their input will leave the local environment. In a skill context, users may paste secrets, proprietary code, or sensitive operational context, making undisclosed transmission a real privacy and data-handling risk.

VirusTotal

62/62 vendors flagged this skill as clean.
