ClawHub

AIFS - HTTP File system

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward AIFS.space cloud storage skill, but users should treat it as an external storage integration that can create, change, and delete remote files.

Install only if you intend to use AIFS.space for non-sensitive cloud storage. Use a least-privilege API key, avoid secrets or regulated data, and explicitly confirm before overwriting, patching, or deleting remote files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The activation text is broad enough to trigger on generic requests about cloud storage, persistence, or syncing, not just explicit AIFS intent. That can cause the agent to invoke this skill unexpectedly and route user data to an external third-party service, increasing the chance of unintended disclosure or destructive file operations.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill describes storage and retrieval capabilities but does not prominently warn that user content will be transmitted to an external cloud service and that the skill can perform write, patch, and delete operations. In practice, this can lead to users or calling agents sending sensitive or regulated data off-platform without informed consent.

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# Save
curl -X POST -H "Authorization: Bearer $KEY" -H "Content-Type: application/json" \
  -d "{\"path\":\"sessions/$(date +%Y-%m-%d).md\",\"content\":\"# Session Notes\\n...\"}" \
  https://aifs.space/api/write
Confidence
90% confidence
Finding
curl -X POST -H "Authorization: Bearer $KEY" -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
EXISTING=$(curl -s -H "Authorization: Bearer $KEY" "https://aifs.space/api/read?path=log.txt" | jq -r .content)

# Append and write back
curl -X POST -H "Authorization: Bearer $KEY" -H "Content-Type: application/json" \
  -d "{\"path\":\"log.txt\",\"content\":\"$EXISTING\\n$(date): New entry\"}" \
  https://aifs.space/api/write
```
Confidence
88% confidence
Finding
curl -X POST -H "Authorization: Bearer $KEY" -H "Content-Type: application/json" \ -d

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal