ogp-agent-comms

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed setup guide for agent-to-agent communication policies, with sensitive settings users should configure carefully.

Install only if you trust the OGP npm package and want federated agent communication behavior. Prefer per-peer and per-topic policies over broad global defaults, be cautious with full or autonomous response modes, and treat activity logs as sensitive because they can contain message contents and peer details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 86%
Finding
The trigger guidance includes a generic phrase like 'how should my agent respond to X,' which is broad enough to match ordinary discussion rather than an explicit request to configure policies. In an agent skill system, overly broad triggers can cause unintended invocation of a configuration workflow and shift the conversation into operational or security-sensitive changes without sufficiently clear user intent.

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill documents activity logging of inbound and outbound agent communications, including peer identifiers, topics, timestamps, and message content, but does not prominently warn the user about privacy, retention, or sensitivity implications. Because this skill manages federated agent communications, those logs may capture confidential inter-agent exchanges and human-related scheduling or operational details, increasing disclosure risk if stored insecurely or enabled by default.

VirusTotal

66/66 vendors flagged this skill as clean.
