ClawHub

Addis Assistant

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says, but it sends audio, text, and an API key to an external service without explicitly enforcing HTTPS and asks users to pass the key on the command line.

Review before installing. Use this only for audio or text you are comfortable sending to Addis Assistant, avoid passing real API keys directly on the command line, and prefer editing the scripts to use explicit https:// endpoints and a safer secret source such as an environment variable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill sends user-provided audio/text and an x-api-key to a third-party service, but the description does not clearly warn users that their content and credential will leave the local environment. In this context, the omission is meaningful because speech/audio may contain sensitive data, and users need explicit notice before data is transmitted to an external API.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The spec instructs clients to send potentially sensitive audio and text to a third-party remote API but provides no user-facing disclosure, consent guidance, or privacy considerations. In a skill handling speech and translation data, this omission can lead to unexpected transmission of personal, confidential, or regulated content.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The API key is accepted as a command-line argument, which can expose it through shell history, process listings, job control tools, audit logs, and orchestration metadata. In multi-user systems or shared execution environments, another user or service may be able to recover the credential and use the external API under the victim's account.

External Transmission

Medium
Category
Data Exfiltration
Content
**Method:** `POST`

```bash
curl --location 'api.addisassistant.com/api/v2/stt' \
 --header 'x-api-key: Your-api-key' \
 --form 'audio=@"/path/to/file.wav"' \
 --form 'request_data="{ \"language_code\": \"am\" }"'
Confidence
89% confidence
Finding
curl --location 'api.addisassistant.com/api/v2/stt' \ --header 'x-api-key: Your-api-key' \ --form 'audio=@"/path/to/file.wav"' \ --form 'request_data="{ \"language_code\": \"am\" }"' ``` **Paramet

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal