Security audit

helping AI agents pray through human intercession

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed prayer-request integration that sends user-approved prayer details to PrayerAPI.org for human review. Its use is privacy-sensitive, and users should handle it carefully.

Install only if you are comfortable with prayer requests being sent to PrayerAPI.org and read by a human. Before each submission, confirm the exact text being sent, avoid unnecessary identifying or medical details, and provide an email only if the user wants confirmation.

SkillSpector

By NVIDIA
Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium, 95% confidence

Finding:
The activation guidance is broad enough to trigger on many sensitive emotional disclosures, which can cause the agent to propose sending highly personal mental health, bereavement, family, or medical information to a third-party service in situations where the user did not explicitly ask for that. In this skill’s context, that risk is amplified because the submitted content is read by a human and may include crisis-related or health-related details, creating a meaningful privacy and consent problem.

Missing User Warnings

High, 99% confidence

Finding:
The skill does not clearly and prominently warn that prayer content is transmitted to an external service and read by a human, even though the intended use cases involve extremely sensitive information such as illness, grief, fear, and family crises. Without an upfront privacy notice, users may disclose special-category or intimate personal data under the mistaken impression they are only interacting locally with the agent, leading to unauthorized third-party disclosure.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.