Train Robotic AI Models using Qualia

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Qualia cloud-training skill that can use an API key to create, monitor, cancel, and delete Qualia training resources, with no evidence of hidden or unrelated behavior.

Install only if you trust the Qualia integration and are comfortable giving an agent a revocable Qualia API key. Require explicit confirmation before creating projects, launching training, cancelling jobs, or deleting projects, and confirm dataset ID, model, instance, region, duration, and estimated credits before any finetune command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium, 87% confidence
Finding
The README explicitly promotes launching and monitoring cloud training jobs from conversational agent interactions, but it does not warn that these actions invoke external networked APIs and may consume paid GPU credits. In the context of an agent skill, this increases the risk of users granting an autonomous or semi-autonomous agent the ability to trigger costly or unintended remote operations without clear consent boundaries.

Missing User Warnings

Medium, 91% confidence
Finding
Telling users to drop the skill into any agent context that has tool use and shell access effectively invites them to let a shell-capable agent execute training-management commands, without any safety caveats. In this skill's context, those shell commands can create projects, inspect datasets, and launch remote training jobs, which makes accidental execution, unexpected network access, and unauthorized resource consumption more likely.

Missing User Warnings

Medium, 84% confidence
Finding
The skill documents a destructive `project-delete <project_id>` command alongside routine management commands without an explicit warning or confirmation requirement. In an agent setting, this increases the chance that a user or autonomous workflow invokes deletion accidentally, causing irreversible loss of project metadata, training-job history, and possibly associated artifacts.
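The confirmation requirement in the install guidance above (explicit confirmation before creating projects, launching training, cancelling jobs or deleting projects, and acknowledgement of dataset ID, model, instance, region, duration and estimated credits before any finetune) and the unguarded `project-delete` finding can both be enforced by a small policy gate placed between the agent and the skill's commands. The following Python is an added example, not code from the skill, from Qualia, or from SkillSpector. Only `project-delete <project_id>` and the existence of a `finetune` command come from this report; every other subcommand name and every flag spelling is an assumption standing in for whatever the skill actually exposes.

```python
"""Confirmation gate for commands an agent wants to run through the Qualia skill.

Added example, not the skill's or Qualia's own code. Apart from
`project-delete <project_id>` and `finetune`, which the scan report names,
all subcommand and flag names below are assumptions.
"""
from dataclasses import dataclass, field
from typing import Optional
import shlex

# Subcommands that create, change or bill for remote state: never run without
# an explicit "yes" from the user (names other than the two above are assumed).
CONFIRM_REQUIRED = {"project-create", "finetune", "job-cancel", "project-delete"}
# Read-only subcommands the agent may run unprompted (assumed names).
READ_ONLY = {"project-list", "job-status", "dataset-inspect"}
# Irreversible subcommands: the confirmation must repeat the target identifier.
DESTRUCTIVE = {"project-delete"}
# Parameters the user must see and acknowledge before any finetune launches,
# matching the install guidance (flag spellings are assumed).
FINETUNE_REQUIRED = ("dataset", "model", "instance", "region", "duration", "estimated-credits")


@dataclass
class Decision:
    allow: bool
    reason: str
    summary: dict = field(default_factory=dict)  # what the user must be shown


def parse_flags(args: list) -> dict:
    """Collect --key value / --key=value pairs; a bare --flag maps to True."""
    flags, i = {}, 0
    while i < len(args):
        arg = args[i]
        if arg.startswith("--"):
            key, has_eq, value = arg[2:].partition("=")
            if has_eq:
                flags[key] = value
            elif i + 1 < len(args) and not args[i + 1].startswith("--"):
                flags[key] = args[i + 1]
                i += 1
            else:
                flags[key] = True
        i += 1
    return flags


def gate(command: str, confirmation: Optional[str] = None) -> Decision:
    """Decide whether `command` may run given the user's `confirmation` text."""
    argv = shlex.split(command)
    if not argv:
        return Decision(False, "empty command")
    sub, rest = argv[0], argv[1:]

    # The key belongs in the environment the skill reads; on argv it leaks into
    # shell history, process listings and the agent transcript.
    if any(a == "--api-key" or a.startswith("--api-key=") for a in rest):
        return Decision(False, "refusing: API key passed on the command line")

    if sub in READ_ONLY:
        return Decision(True, "read-only, no confirmation needed")
    if sub not in CONFIRM_REQUIRED:
        # Default-deny: anything the policy does not know is treated as unsafe.
        return Decision(False, f"unknown subcommand {sub!r}")

    summary = {}
    if sub == "finetune":
        flags = parse_flags(rest)
        missing = [k for k in FINETUNE_REQUIRED if k not in flags]
        summary = {k: flags[k] for k in FINETUNE_REQUIRED if k in flags}
        if missing:
            return Decision(False, "finetune missing " + ", ".join(missing), summary)

    if sub in DESTRUCTIVE:
        target = rest[0] if rest and not rest[0].startswith("--") else None
        if target is None:
            return Decision(False, f"{sub} needs a target identifier")
        summary = {"project_id": target}
        # Typed-back confirmation: the user must repeat the id, not just say "yes".
        if confirmation != f"delete {target}":
            return Decision(False, f"type 'delete {target}' to confirm irreversible {sub}", summary)
        return Decision(True, "confirmed destructive operation", summary)

    if confirmation != "yes":
        return Decision(False, f"{sub} changes billable or persistent state; awaiting explicit 'yes'", summary)
    return Decision(True, "confirmed", summary)


if __name__ == "__main__":
    for cmd, ack in [("job-status job-7", None),
                     ("project-delete proj-42", None),
                     ("project-delete proj-42", "delete proj-42"),
                     ("finetune --dataset ds-1 --model base --instance a100 --region us-east", "yes")]:
        print(cmd, "->", gate(cmd, ack))
```

The gate is default-deny: only listed read-only subcommands run unprompted, a bare "yes" is not enough for deletion (the user has to type the project id back), a finetune is refused until every parameter the guidance names is present so the confirmation prompt can show all of them, and a command that carries the API key on argv is refused outright so the key stays in the environment the skill reads it from.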

VirusTotal

60/60 vendors flagged this skill as clean.