ClawHub

Causal Abel

Security checks across malware telemetry and agentic risk

Overview

This skill appears built for Abel causal analysis, but it needs Review because it stores an API key locally and exposes broad remote probing for high-impact decision advice.

Install only if you trust Abel and want an authenticated external service involved in decision analysis. Treat the Abel API key as a secret: avoid shared workspaces, do not commit `.env.skill` or `.env`, and revoke or rotate the key if exposed. For ambiguous finance, housing, career, or business questions, confirm that you actually want Abel analysis before letting the skill run probes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
92% confidence
Finding
The script exposes generic 'verb' and 'route' commands that allow callers to invoke arbitrary CAP server operations beyond the documented causal-analysis workflow. In a skill whose stated purpose is narrowly analytical, this expands the reachable remote attack surface and can enable unintended actions against the backend if higher-risk verbs exist or are added later.

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill instructs the agent to persist the resulting API key in session state and `.env.skill` without requiring explicit user consent or warning about local credential storage. Storing OAuth-derived secrets in plaintext local files increases the chance of credential theft through local compromise, accidental inclusion in backups/repos, or exposure to other tools that read environment files.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The default prompt is extremely broad and invites the skill for many categories of high-stakes decisions, including investing, housing, education, career, and other dollar-value choices. That breadth increases the chance the agent is invoked in ordinary requests where specialized, high-impact advice may be given without strong gating, domain constraints, or safety checks.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The guide instructs persisting a freshly returned API key into a local env file but does not include safeguards such as explicit user consent, file permission guidance, exclusion from version control, or warnings about other local processes reading plaintext secrets. This creates a real secret-handling weakness because the skill is specifically acquiring a live credential and then recommending durable local storage in an easily exposed format.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal