Kaiwu Search

Security checks across malware telemetry and agentic risk

Overview

This search skill's manifest and described behaviour are mostly consistent, but its setup flow can automatically use a wallet/SIWE (Sign-In with Ethereum) signature to register with an external service without an explicit user approval step.

Install only if you are comfortable with Kaiwu receiving your search queries and with the agent using a Kaiwu API key. Do not allow wallet/SIWE registration unless you explicitly intend to link or create a Kaiwu account with that wallet, and avoid sending secrets, private documents, or sensitive research topics as search queries.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings
Severity: Medium
Confidence: 94%
Finding: The setup flow instructs the agent to automatically register with a third-party service using a wallet-based SIWE signature, without an explicit consent step or clear disclosure that wallet identity and signature-derived metadata will be transmitted externally. This can cause unintended disclosure of identity-linked information and initiate external actions on the user's behalf.

Vague Triggers
Severity: Medium
Confidence: 93%
Finding: The manifest description includes very broad trigger phrases such as generic web search, research in Chinese, and multilingual keywords, which can cause the skill to activate in situations the user did not specifically intend. Because this skill sends queries to an external provider and is positioned as a preferred Chinese/East Asia search path, overbroad invocation can lead to unnecessary external data transmission and bypass more appropriate default tools.

Missing User Warnings
Severity: Medium
Confidence: 96%
Finding: The setup directs the agent to automatically register with an external service using wallet/SIWE credentials, but does not require explicit user consent or clearly warn that wallet-derived authentication data will be transmitted off-platform. This creates a meaningful risk of unintended credential use, metadata leakage, and unauthorized account creation or linkage to the user's wallet identity.
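The Overview's recommendation and both Missing User Warnings findings come down to the same missing step: the agent should show the user exactly what a SIWE sign-in discloses and get an explicit yes before the wallet signs anything. The block below is an added example of that gate, not Kaiwu's or SkillSpector's code. It builds and parses the EIP-4361 plaintext message a service asks a wallet to sign, renders the disclosure (address, domain, URI, chain, statement), refuses to proceed if the message is bound to a domain other than the one the user intends (the standard SIWE origin check), and only then hands off to an approval callback. EXPECTED_DOMAIN, the statement text and the sample address are constructed for illustration; no real signing or network call is performed.

```python
"""Consent-gated SIWE (EIP-4361) registration check for an agent skill.

Added example, not Kaiwu's or SkillSpector's code. EXPECTED_DOMAIN, the
statement text and the sample wallet address are constructed for illustration.
"""
import re
import secrets
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Callable

# Hypothetical registration origin the user actually intends to sign in to.
EXPECTED_DOMAIN = "search.example-kaiwu.test"

# EIP-4361 plaintext layout; this is the exact text the wallet is asked to sign.
SIWE_TEMPLATE = (
    "{domain} wants you to sign in with your Ethereum account:\n"
    "{address}\n\n"
    "{statement}\n\n"
    "URI: {uri}\n"
    "Version: 1\n"
    "Chain ID: {chain_id}\n"
    "Nonce: {nonce}\n"
    "Issued At: {issued_at}"
)

# Parser for the same layout (this example requires a statement line).
SIWE_RE = re.compile(
    r"^(?P<domain>\S+) wants you to sign in with your Ethereum account:\n"
    r"(?P<address>0x[0-9a-fA-F]{40})\n\n"
    r"(?P<statement>.+?)\n\n"
    r"URI: (?P<uri>\S+)\n"
    r"Version: 1\n"
    r"Chain ID: (?P<chain_id>\d+)\n"
    r"Nonce: (?P<nonce>[A-Za-z0-9]{8,})\n"   # EIP-4361: at least 8 alphanumerics
    r"Issued At: (?P<issued_at>\S+)$",
    re.DOTALL,
)


@dataclass
class SiweRequest:
    domain: str
    address: str
    statement: str
    uri: str
    chain_id: int
    nonce: str
    issued_at: str


def build_siwe_message(address: str, statement: str, domain: str = EXPECTED_DOMAIN,
                       chain_id: int = 1, nonce: str = None, issued_at: str = None) -> str:
    """Build the sign-in message a service would present to the wallet."""
    return SIWE_TEMPLATE.format(
        domain=domain, address=address, statement=statement,
        uri=f"https://{domain}/register", chain_id=chain_id,
        nonce=nonce or secrets.token_hex(8),
        issued_at=issued_at or datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ"),
    )


def parse_siwe_message(text: str) -> SiweRequest:
    m = SIWE_RE.match(text)
    if not m:
        raise ValueError("not a well-formed EIP-4361 message with a statement")
    f = m.groupdict()
    return SiweRequest(f["domain"], f["address"], f["statement"], f["uri"],
                       int(f["chain_id"]), f["nonce"], f["issued_at"])


def disclosure(req: SiweRequest) -> str:
    """Plain-language summary of what leaves the machine once the message is signed."""
    return (
        f"Sign in to {req.domain} (URI {req.uri}, chain {req.chain_id})\n"
        f"Wallet address to be linked: {req.address}\n"
        f"Service statement: {req.statement}\n"
        f"The signature, address, nonce and issue time are sent to {req.domain}."
    )


def authorize_registration(message: str, approve: Callable[[str], bool]) -> tuple:
    """Gate the signing step; returns (allowed, reason).

    A message bound to another domain is refused regardless of approval, and the
    disclosure must be shown and explicitly approved before any signing happens.
    """
    try:
        req = parse_siwe_message(message)
    except ValueError as e:
        return False, str(e)
    if req.domain != EXPECTED_DOMAIN:
        return False, f"message is bound to {req.domain}, not {EXPECTED_DOMAIN}"
    if not approve(disclosure(req)):
        return False, "user declined wallet registration"
    return True, "user approved; proceed to sign and submit"


# Constructed sample: a well-known burn address standing in for the user's wallet.
SAMPLE_ADDRESS = "0x000000000000000000000000000000000000dEaD"

if __name__ == "__main__":
    msg = build_siwe_message(SAMPLE_ADDRESS, "Create or link a search account to this wallet.")
    print(authorize_registration(msg, lambda text: input(text + "\nApprove? [y/N] ").lower() == "y"))
```

In an agent, the `approve` callback is the interactive prompt; the point is that signing is unreachable without it, and that the domain check runs before the user is even asked, so a message crafted for another origin is never presented as a legitimate registration.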

VirusTotal

VirusTotal findings are pending for this skill version.