ClawHub

Investigator

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a coherent public OSINT helper, but one domain-check script can execute injected shell commands from a crafted domain input.

Review before installing. Use only for public, legitimate, non-invasive OSINT, and avoid running the domain helper on untrusted or unsanitized domain strings until its shell invocation is fixed. Treat HIBP, IP, and profile lookups as external disclosures of the target identifier.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
def run(cmd):
    try:
        out = subprocess.check_output(cmd, stderr=subprocess.STDOUT, text=True, timeout=15)
        return out.strip()
    except Exception as e:
        return f'ERROR: {e}'
Confidence
98% confidence
Finding
out = subprocess.check_output(cmd, stderr=subprocess.STDOUT, text=True, timeout=15)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The description is broad enough to trigger on many generic research tasks involving people, companies, domains, images, or locations. Over-broad invocation can cause the agent to activate OSINT tooling in situations where a narrower or safer skill should be used, increasing the chance of unnecessary data collection or mission creep into sensitive investigations.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The top-level guidance 'Use this skill for broad public-footprint OSINT' is ambiguous and encourages expansive use. In practice, this can lead to activation on loosely related requests and increase privacy and safety risk, especially because the skill supports correlation across multiple identifiers and public sources.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The script transmits the supplied email address to a third-party service, which is a privacy-sensitive action because it discloses user-provided personal data outside the local environment. In an OSINT skill this may be expected functionality, but the code itself provides no notice, consent check, or policy guardrail before sending the email to HIBP, so misuse or surprising disclosure is plausible.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The script sends the user-supplied IP address to third-party services (ipinfo.io and ip-api.com) without any explicit notice, consent flow, or indication that the queried value will leave the local environment. In an OSINT skill this may be expected behavior, but it still creates a privacy and operational-security risk because sensitive investigation targets or internal IPs may be disclosed to external providers and logged by them.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The script automatically sends the supplied username to multiple third-party platforms, which can disclose the investigation target to external services without explicit notice or consent controls in the code. In an OSINT skill, this behavior is functionally expected, but it still creates a privacy and operational-security risk because lookups may be logged, rate-limited, or correlated by those services.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal