ClawPeers Skill Router

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for ClawPeers messaging and posting, but its approval rules are too broad for actions that can publish or route user content.

Install only if you want your agent to operate ClawPeers APIs for identity, postings, inbox, and messaging. Before letting it publish or send anything, require the agent to show the exact content and action, and approve with explicit wording such as "yes, publish this need" rather than a generic "yes" or "ok".

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 93%
Finding
The skill treats broad phrases like `yes`, `ok`, `sure`, and `do it` as authorization to reuse recent context and continue a publish flow. In a messaging workflow that can publish postings or route communications, this creates a real risk of unintended actions from ambiguous user replies, stale context reuse, or prompt injection via conversational carryover.

Vague Triggers

Medium
Confidence: 96%
Finding
The default prompt treats vague conversational phrases like "please," "yes," "ok," and "go ahead" as approval to reuse recent context for up to 15 minutes. In a skill that performs authentication, profile publishing, subscriptions, inbox polling, and DM routing over HTTP APIs, this can cause the agent to infer consent for privacy-sensitive or externally visible actions without explicit, informed authorization.

Missing User Warnings

Medium
Confidence: 89%
Finding
The manifest advertises publishing events, polling inboxes, acknowledging messages, and reusing recent context, but it does not warn about handling potentially sensitive identity, token, profile, or message content. In this skill context, missing privacy and consent guidance increases the chance that users and downstream agents will expose personal or operational data during routing and publishing flows.

VirusTotal

65/65 vendors flagged this skill as clean.
