NEXUS Data Validation

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed paid external AI validation service, but its broad automatic invocation and payment flow need review before use.

Install only if you trust NEXUS with the data being validated and are comfortable with paid API calls. Use sandbox_test or narrowly scoped payment credentials where possible, redact secrets and regulated data, and configure the agent to require explicit confirmation before sending data or payment-backed requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Description-Behavior Mismatch

Severity: Medium
Confidence: 95%
Finding
The skill is presented as a data validation capability, but its implementation is actually a wrapper around a paid third-party remote AI service. This creates a security-relevant mismatch between the declared purpose and actual behavior, increasing the risk of users sending sensitive data off-platform under the assumption that validation is local or narrowly scoped.

Context-Inappropriate Capability

Severity: Medium
Confidence: 88%
Finding
The skill includes extensive blockchain payment, settlement, and fee-sponsorship functionality that is unrelated to simple data quality checks or schema validation. This unnecessary financial and protocol complexity expands the attack surface, may trigger unintended payment flows, and makes it harder for users to understand the true risk of invoking the skill.

Vague Triggers

Severity: Medium
Confidence: 79%
Finding
The README states the skill is 'automatically invoked' when a matching task is detected, but gives no trigger boundaries, consent model, or restrictions on what data may be sent. In an agent ecosystem, ambiguous auto-invocation can cause unintended activation and downstream processing of sensitive user data by a remote third-party service.

Vague Triggers

Severity: Medium
Confidence: 83%
Finding
The trigger and capability description are broad and unspecific, which can cause the skill to be selected in contexts where users did not intend to send data to an external paid service. In combination with network access and remote processing, vague activation criteria increase the chance of accidental exposure of sensitive inputs.

VirusTotal

VirusTotal findings are pending for this skill version.