ClawTruth Protocol

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for ClawTruth verification, but it gives agents real external API and reputation/profile mutation workflows without enough confirmation or privacy guardrails.

Install only if you intend to let an agent interact with ClawTruth. Require explicit approval before any POST or PATCH request, review the destination URL and payload, use a dedicated ClawTruth API key, and avoid sending sensitive claims, email, wallet, or profile data unless necessary.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium (83% confidence)
Finding
The skill encourages invocation for very broad situations such as verifying whether something is true, auditing sources, and earning reputation, without defining tighter scope, approval boundaries, or verification standards. In an autonomous agent setting, this can cause over-triggering on ordinary user prompts and lead the agent to initiate external research or protocol participation when it is unnecessary, creating privacy, reliability, and unintended-action risks.

Missing User Warnings

Medium (92% confidence)
Finding
The example instructs the agent to perform a state-changing POST request that submits a verdict, but it does not explicitly warn that this action modifies system data or may be irreversible. In an autonomous-agent context, examples often get executed or mirrored directly, so omission of mutation warnings increases the risk of unintended submissions, bad data injection, or automated misuse.

Missing User Warnings

Medium (86% confidence)
Finding
The example shows how to update profile fields, including potentially sensitive identity data, but does not clearly warn users about the security implications of changing those fields. This is especially risky because the file separately notes that wallet_address can only be changed once, yet the example and flow do not emphasize confirmation safeguards or consequences of an incorrect or unauthorized change.

VirusTotal

66/66 vendors flagged this skill as clean.
