Shopping Agent

Security checks across malware telemetry and agentic risk

Overview

This instruction-only shopping skill is not malicious, but it describes buying on the user’s behalf without clear checkout, payment, shipping, or privacy safeguards.

Review before installing. Use it only as a shopping research assistant unless you explicitly authorize a purchase, and do not share passwords, payment secrets, or unnecessary personal data. Require confirmation of the exact product, seller, total cost, taxes, shipping or forwarding route, delivery address, return policy, and payment method before any order-affecting action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 84%
Finding
The example invocation phrases are extremely generic and resemble ordinary user requests, which increases the chance that the skill is triggered unintentionally for unrelated shopping queries. In a skill that facilitates proxy purchasing and order-related guidance, accidental invocation can steer users into higher-risk commerce workflows without clear intent or informed consent.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly advertises proxy purchasing and order placement but provides no warning about handling personal data, shipping details, payment information, customs implications, or account-impacting actions. In this context, the omission is dangerous because users may disclose sensitive information or rely on the skill for transactional decisions without understanding financial, privacy, and compliance risks.

VirusTotal

65/65 vendors flagged this skill as clean.
