Agentbus Relay Chat

Security checks across malware telemetry and agentic risk

Overview

This is a coherent manual-run relay chat skill, but users should protect its local keys and use encrypted mode for sensitive messages.

Install this in an isolated Python environment, consider pinning dependency versions for production use, protect ~/.agentbus/keys from backups or other users, use --ephemeral-keys when persistent identity is not needed, and prefer encrypted mode with an allowlist for any private communication.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The function persistently stores the Nostr private key in plaintext under ~/.agentbus/keys/{agent}.json without setting restrictive permissions, encrypting it, or warning the user. On multi-user systems, or where an account is compromised, backups are exposed, or the umask is overly permissive, disclosure of this key allows an attacker to impersonate the agent, sign forged events, and decrypt or participate in session key exchange as that identity.

Unpinned Dependencies

Low
Category
Supply Chain
Content
coincurve>=21.0.0
websockets>=11.0.0
certifi>=2024.0.0
cryptography>=41.0.0
Confidence
90% confidence
Finding
coincurve>=21.0.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
coincurve>=21.0.0
websockets>=11.0.0
certifi>=2024.0.0
cryptography>=41.0.0
Confidence
91% confidence
Finding
websockets>=11.0.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
coincurve>=21.0.0
websockets>=11.0.0
certifi>=2024.0.0
cryptography>=41.0.0
Confidence
87% confidence
Finding
certifi>=2024.0.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
coincurve>=21.0.0
websockets>=11.0.0
certifi>=2024.0.0
cryptography>=41.0.0
Confidence
92% confidence
Finding
cryptography>=41.0.0

Known Vulnerable Dependency: cryptography — 10 advisories: GHSA-39hc-v87j-747x (Vulnerable OpenSSL included in cryptography wheels); CVE-2023-50782 (Python Cryptography package vulnerable to Bleichenbacher timing oracle attack); GHSA-5cpq-8wj7-hf2v (Vulnerable OpenSSL included in cryptography wheels); +7 more

High
Category
Supply Chain
Confidence
83% confidence
Finding
cryptography

VirusTotal

66/66 vendors flagged this skill as clean.
