Smart Model Switcher

Security checks across malware telemetry and agentic risk

Overview

This is a documented multi-provider model-routing skill, but users should understand it may validate API keys and route prompts through configured third-party AI providers.

Install only if you are comfortable configuring third-party LLM provider keys and allowing task content to be routed among those providers. Use limited API keys, spend limits, provider allowlists where available, and review any external scripts from the linked repository before running background monitoring commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding:
The README advertises automatic API key validation and model/package availability checks across multiple third-party providers, but does not clearly disclose that these checks necessarily involve transmitting credentials or credential-derived requests to external services. This is dangerous because users may enable validation under the assumption it is local-only, causing unintended disclosure of provider usage metadata and possible accidental credential exposure through logging, diagnostics, or misconfigured endpoints.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding:
The README promotes automatic provider switching and background monitoring without warning that user prompts, task descriptions, and related metadata may be routed to different external model providers. In this skill context, task text can contain sensitive source code, internal documents, or personal data, so silent third-party routing materially changes the user's data exposure and trust boundary.

Vague Triggers

Severity: Medium
Confidence: 91%
Finding:
The task-classification trigger lists include very broad everyday terms such as greetings, help requests, and generic words for speed or analysis, which can cause unintended model switching during normal conversation. In a skill that automatically routes requests across multiple providers, accidental activation increases the chance of unnecessary third-party disclosure, higher costs, and surprising behavior for users.

Missing User Warnings

Severity: High
Confidence: 97%
Finding:
The documentation describes direct API calls, automatic provider switching, and fallback across multiple external model vendors, but it does not clearly warn users that their prompts and related metadata may be transmitted to multiple third parties. Because this skill is specifically designed to route requests among several providers, the missing disclosure materially increases privacy and compliance risk.

VirusTotal

VirusTotal findings are pending for this skill version.