Kiln

Security checks across malware telemetry and agentic risk

Overview

Kiln gives an agent real 3D-printer control, but that authority is disclosed and broadly aligned with the skill’s stated purpose.

Install only if you intend to let an agent interact with real 3D printers. Keep autonomy at the lowest practical level; require operator approval before starting prints, heating, sending raw G-code, or placing paid manufacturing orders; and, where possible, use a printer/API credential scoped to the smallest set of printers and operations the task needs, rather than a fleet-wide administrative key.
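One way to enforce that recommendation in the agent's tool-calling layer, as an added example written for this page (not Kiln's or SkillSpector's code; the tool names, argument keys and the allowed-printer set are assumptions): every call is classified as allow, ask or deny, an operator approval is bound to the exact tool and arguments so it cannot be replayed for a different file or temperature, calls against printers outside the credential's scope are refused, and raw G-code is inspected for heater and motion commands so the approval prompt says what the script would physically do.

```python
"""Approval gate for agent tool calls that can actuate a 3D printer.

Added example for this page; not Kiln's or SkillSpector's code. Tool names,
argument keys and the allowed-printer set are assumptions for illustration.
"""
from __future__ import annotations

import hashlib
import json
import re
from dataclasses import dataclass, field

# Hypothetical tool surface, grouped by side effect.
READ_ONLY_TOOLS = frozenset({"list_printers", "get_printer_status", "get_job_progress"})
APPROVAL_TOOLS = frozenset({"start_print", "set_temperature", "send_gcode", "place_order"})
# Printers the agent's credential is allowed to touch (assumed ids).
ALLOWED_PRINTERS = frozenset({"p1", "p2"})

# Standard RepRap/Marlin codes that heat or move hardware.
HEATER_CODES = frozenset({"M104", "M109", "M140", "M190", "M141", "M191"})
MOTION_CODES = frozenset({"G0", "G1", "G2", "G3", "G28", "G29"})
_CMD = re.compile(r"^([GM])0*(\d+)$")  # normalises G01 -> G1, M0104 -> M104


@dataclass
class ToolCall:
    name: str
    args: dict = field(default_factory=dict)


@dataclass(frozen=True)
class Decision:
    action: str  # "allow", "ask" (needs operator approval) or "deny"
    reason: str


def gcode_hazards(script: str) -> list[str]:
    """List the heater and motion commands found in a raw G-code script."""
    hazards: list[str] = []
    for lineno, raw in enumerate(script.splitlines(), 1):
        words = raw.split(";", 1)[0].split()  # strip ';' comments
        if words and re.fullmatch(r"N\d+", words[0]):  # optional N line number
            words = words[1:]
        if not words:
            continue
        m = _CMD.match(words[0].upper())
        if not m:
            continue
        cmd = m.group(1) + m.group(2)
        if cmd in HEATER_CODES:
            hazards.append(f"line {lineno}: {cmd} heats a component")
        elif cmd in MOTION_CODES:
            hazards.append(f"line {lineno}: {cmd} moves hardware")
    return hazards


def approval_token(call: ToolCall) -> str:
    """Bind an operator approval to this exact tool and argument set, so an
    approval for one print cannot be reused for a different file, printer
    or temperature."""
    canonical = json.dumps([call.name, call.args], sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()


def gate(call: ToolCall, approved: frozenset[str] = frozenset()) -> Decision:
    """Decide whether a call may run now, must wait for approval, or is refused."""
    printer = call.args.get("printer_id")
    if printer is not None and printer not in ALLOWED_PRINTERS:
        return Decision("deny", f"printer {printer!r} is outside the credential's scope")
    if call.name in READ_ONLY_TOOLS:
        return Decision("allow", "read-only tool")
    if call.name not in APPROVAL_TOOLS:
        return Decision("deny", f"unknown tool {call.name!r}")  # default-deny
    if approval_token(call) in approved:
        return Decision("allow", "operator approved this exact call")
    reason = f"{call.name} needs operator approval"
    if call.name == "send_gcode":
        hazards = gcode_hazards(call.args.get("script", ""))
        reason += " (" + ("; ".join(hazards) if hazards else "no heater/motion commands found") + ")"
    return Decision("ask", reason)


if __name__ == "__main__":
    # Constructed sample call: heat the hotend, home all axes, show a message.
    heat = ToolCall("send_gcode", {"printer_id": "p1", "script": "M104 S210 ; heat\nG28\nM117 hi"})
    print(gate(heat))
    print(gate(heat, frozenset({approval_token(heat)})))
```

The gate is deliberately default-deny for tools it does not recognise, and the scope check runs before anything else so even a status query against a printer the credential was not issued for is refused; the G-code inspection is advisory (it feeds the approval prompt) rather than a substitute for the approval itself.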

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Vague Triggers (Medium, 91% confidence)

The README includes broad natural-language prompts such as asking an AI to 'make me a coaster' and states that Kiln 'does the rest,' which can encourage overbroad agent invocation with little user scoping. In the context of a skill that can control physical printers, upload files, slice models, and start jobs, ambiguous prompts raise the risk of unintended tool execution, resource consumption, and physical machine actuation.

Missing User Warnings (High, 97% confidence)

The README prominently advertises end-to-end autonomous control of real 3D printers with 'No human in the middle' but does not pair that claim with an equally prominent safety warning about physical-world risks. Because this skill can drive heaters, motors, uploads, and print jobs, minimizing operator oversight materially increases the chance of unsafe or unintended actions causing equipment damage, fire risk, wasted material, or injury.

Missing User Warnings (Medium, 96% confidence; reported twice by the scanner with identical text)

This skill is unusually sensitive because it enables autonomous control over fabrication equipment, including slicing, queuing prints, fleet management, and monitoring. Without an explicit warning that the agent can perform destructive real-world actions, users may unknowingly grant broad authority to an LLM-driven workflow, increasing the risk of equipment damage, wasted material, fire/safety hazards, or unauthorized operation across multiple printers.

VirusTotal

63/63 vendors reported this skill as clean (no detections).