ClawHub

Neonous

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent Neonous API helper, but it gives the assistant broad account-changing powers without enough guardrails for sharing, deletion, and memory reset actions.

Install only if you want an assistant to operate your Neonous account through its API. Verify NEONOUS_URL, protect and rotate NEONOUS_API_KEY as needed, and require explicit confirmation before sharing artifacts, deleting or emptying trash, resetting working memory, connecting Telegram bots, changing agents or MCP servers, or running workflows.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill documents creation of a public artifact share link without any warning that the operation exposes data outside the Neonous workspace. An agent following this guidance could share sensitive user-generated artifacts externally without informed consent, creating confidentiality and privacy risk.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The documented delete, restore, and especially empty-trash operations are destructive but the skill provides no confirmation or cautionary guidance. This increases the chance that an agent performs irreversible data loss actions based on ambiguous prompts or user misunderstanding.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
Resetting working memory can erase retained context that may be important for future conversations, but the skill does not warn about this consequence. An agent could trigger this action without the user understanding that contextual memory will be lost.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal