ClawHub

TeamWork

Security checks across malware telemetry and agentic risk

Overview

This multi-agent skill appears purpose-aligned, but it needs review because it can persist AI provider credentials and share full task content across multiple configured models without clear privacy controls.

Review before installing. Prefer environment-variable references or a secret manager instead of raw API keys, keep `.trae/config` out of version control, inspect generated config files, and only configure providers you are comfortable receiving the task content handled by this skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The README instructs users to add AI providers and API keys and references storing provider credentials in local configuration files, but it gives no guidance on secure storage, access control, redaction, or avoiding accidental exposure. In a skill that coordinates multiple providers, this increases the chance that sensitive credentials are mishandled, committed to source control, logged, or exposed to other components.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly instructs collecting provider API keys and persisting provider configuration, but it does not require secure secret handling, masking, encryption, or an explicit privacy warning before collecting credentials. In a multi-agent orchestration skill, this creates a credible path for credential exposure through files, logs, configuration display, or downstream agent access.

Missing User Warnings

High
Confidence
98% confidence
Finding
The workflow says the host model presents all task content to all eligible models and shares context broadly, but it provides no consent gate, minimization rule, or warning that data may be disclosed to multiple providers. Because this skill is specifically designed to fan tasks out across different models/providers, unrestricted sharing materially increases confidentiality and privacy risk.

Ssd 3

Medium
Confidence
92% confidence
Finding
The skill includes commands to display the complete provider/model configuration and later instructs broad task briefing, creating a realistic chance that stored credentials, endpoints, or sensitive task details are echoed in plain language. Since the same skill also collects and persists provider secrets, unredacted display substantially amplifies the exposure risk.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal