ClawHub

ORBIT Platform

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent for building an ORBIT agent platform, but it normalizes broad Supabase admin credentials and local credential-file access.

Review before installing. Use only in a controlled ORBIT project, avoid letting an agent read credential files directly, prefer managed secret injection, replace service_role defaults with least-privilege keys, and add privacy, retention, and deletion rules before storing Telegram messages or user profile data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly points the agent to local files that likely contain live credentials, including a .env file and a document named as final credentials. In a skill context, directing the model toward secret-bearing paths materially increases the chance of secret access, disclosure, or downstream misuse, especially because the same file also instructs use of a high-privilege service key.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The webhook example stores Telegram identifiers, profile data, chat IDs, and raw message text in Supabase, but the file shows no consent flow, disclosure, retention limits, or data-minimization controls. In an agent platform context this is meaningful because message text may contain sensitive personal, business, or security-relevant content, and persistent storage increases privacy, compliance, and breach impact.

Ssd 3

High
Confidence
98% confidence
Finding
The skill instructs the model to consult local credential sources that likely contain secrets, and elsewhere mandates use of the Supabase service_role key. In combination, this creates a clear path for secret retrieval and use of highly privileged credentials, which could lead to full database compromise, unauthorized data access, modification, deletion, or exfiltration.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal