Anima

Security checks across malware telemetry and agentic risk

Overview

The skill appears legitimate, but it can turn broad build requests into live published apps and local code changes without clearly requiring confirmation.

Install only if you intend to use Anima as an external design, code-generation, and hosting service. Before use, make publish/deploy intent explicit, review where generated files will be written, avoid sending confidential designs or private URLs unless Anima is approved for that data, and provide ANIMA_API_KEY only through a secure environment or secret store.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger description is very broad, including generic phrases like 'design, create, build, or prototype something' and publish/deploy intents. This can cause the skill to activate in situations where the user did not explicitly request Anima, leading an agent to invoke app creation, code generation, or deployment flows unnecessarily.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill documents create, publish, codegen, and download capabilities without a prominent user-facing warning that publishing creates a live hosted app and codegen/download write files locally. In an agent setting, this can lead to unintended external exposure of content or unintended modification of the local workspace if invoked implicitly.

Missing User Warnings

Low
Confidence: 81%
Finding
The skill states that an ANIMA_API_KEY is required, but does not include a user-facing warning about safe credential handling. In practice this can encourage users or downstream agents to expose secrets in prompts, logs, command history, or generated files during setup and troubleshooting.

VirusTotal

66/66 vendors flagged this skill as clean.
