MasterSwarm AI Document Analysis

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed cloud API connector, but users should only send documents they are comfortable sharing with MasterSwarm/NeuroDoc.

Install only if you are comfortable sending selected text or documents to MasterSwarm/NeuroDoc. Redact secrets and unnecessary personal data, be cautious with medical/legal/financial documents, verify the provider's privacy and retention claims independently, and confirm before multi-engine runs because they can send the same content multiple times and consume paid credits.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill advertises analysis of "any document" with no scope limits or safety boundaries, which can cause over-broad activation and encourage sending highly sensitive material to a third-party API. In this context, the ambiguity is more dangerous because the skill explicitly supports receipts, contracts, lab results, legal, business, and crypto use cases, all of which commonly contain confidential data.

Vague Triggers

Medium
Confidence
90% confidence
Finding
Telling users to send "any text or question" creates an ambiguous activation condition that can capture secrets, regulated data, or unrelated private content without meaningful boundaries. Because this skill is an API connector that forwards inputs to an external service, the broad phrasing materially increases the chance of unsafe data exfiltration.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The manifest requires a MasterSwarm API key and advertises cloud-based document analysis, but it does not disclose credential handling practices or clearly warn that user documents and prompts may be transmitted to a third-party service. Because the skill targets sensitive content such as receipts, contracts, medical, legal, and crypto-related documents, the missing disclosure materially increases the risk of users exposing confidential data without informed consent.

External Transmission

Medium
Category
Data Exfiltration
Content
### Single Engine Analysis

```bash
curl -s --max-time 120 -X POST https://api.neurodoc.app/aetherlang/execute \
  -H "Content-Type: application/json" \
  -H "X-Aether-Key: MASTERSWARM_API_KEY" \
  -d '{
```
Confidence
96% confidence
Finding
curl -s --max-time 120 -X POST https://api.neurodoc.app/aetherlang/execute \ -H "Content-Type: application/json" \ -H "X-Aether-Key: MASTERSWARM_API_KEY" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# Example: Run apex + consult + research on the same query
for ENGINE_ID in apex consult research; do
  curl -s --max-time 120 -X POST https://api.neurodoc.app/aetherlang/execute \
    -H "Content-Type: application/json" \
    -H "X-Aether-Key: MASTERSWARM_API_KEY" \
    -d "{
```
Confidence
96% confidence
Finding
curl -s --max-time 120 -X POST https://api.neurodoc.app/aetherlang/execute \ -H "Content-Type: application/json" \ -H "X-Aether-Key: MASTERSWARM_API_KEY" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
homepage: https://masterswarm.net
  skill_type: api_connector
  external_endpoints:
    - https://api.neurodoc.app/aetherlang/execute
  operator_note: "api.neurodoc.app and masterswarm.net are the same operator (NeuroDoc Pro, Hetzner DE)"
license: MIT
---
Confidence
94% confidence
Finding
https://api.neurodoc.app/

External Transmission

Medium
Category
Data Exfiltration
Content
### Single Engine Analysis

```bash
curl -s --max-time 120 -X POST https://api.neurodoc.app/aetherlang/execute \
  -H "Content-Type: application/json" \
  -H "X-Aether-Key: MASTERSWARM_API_KEY" \
  -d '{
```
Confidence
96% confidence
Finding
https://api.neurodoc.app/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# Example: Run apex + consult + research on the same query
for ENGINE_ID in apex consult research; do
  curl -s --max-time 120 -X POST https://api.neurodoc.app/aetherlang/execute \
    -H "Content-Type: application/json" \
    -H "X-Aether-Key: MASTERSWARM_API_KEY" \
    -d "{
```
Confidence
96% confidence
Finding
https://api.neurodoc.app/

VirusTotal

64/64 vendors flagged this skill as clean.
