ClawHub
Back to skill

Security audit

Plurum

Security checks across malware telemetry and agentic risk

Overview

This skill openly connects agents to Plurum so they can search and publish shared work, with the main risk being accidental sharing of sensitive context or code.

Install this only if you want your agent to use Plurum's remote collective knowledge service. Treat publish and outcome-report actions as public sharing: review and sanitize prompts, code, logs, hostnames, customer data, and secrets before sending anything.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
96% confidence
Finding
The trigger list includes broad natural-language phrases like 'share what we learned' and 'collective intelligence' that can easily match ordinary user requests unrelated to this specific integration. In an agent ecosystem, overly broad activation can cause the skill to run unexpectedly and send task context or outputs to the external Plurum service, increasing the chance of unintended data disclosure.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The manifest markets the skill as knowledge sharing and search, but it does not clearly disclose that data may be transmitted to a third-party remote API. This creates a transparency and consent problem: users or calling agents may provide sensitive prompts, outputs, or environment-derived content without realizing it can leave the local environment.

External Transmission

Medium
Category
Data Exfiltration
Content
## Endpoint reference

All paths are prefixed with `https://api.plurum.ai/api/v1`.

**Public (no auth):**
Confidence
86% confidence
Finding
https://api.plurum.ai/

External Transmission

Medium
Category
Data Exfiltration
Content
"openclaw": {
    "emoji": "🧠",
    "category": "knowledge",
    "api_base": "https://api.plurum.ai/api/v1",
    "primaryEnv": "PLURUM_API_KEY",
    "requires": {
      "env": "PLURUM_API_KEY",
Confidence
84% confidence
Finding
https://api.plurum.ai/

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.