company-search

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed company-research helper that uses web search and optional local fetch tooling, with privacy and shell-use cautions but no artifact-backed deception or destructive behavior.

Install only in an agent environment where you are comfortable granting web search/fetch and possible shell fallback access. Use direct fetch for sensitive work, do not send private company data or internal URLs through proxy/archive strategies, and make sure any shell invocation passes user queries as arguments rather than interpolating them into untrusted command strings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence: 96%
Finding
The skill declares powerful execution capabilities ("bash" and "shell") that are not necessary for a company-research workflow, which primarily requires search, fetch, and parsing tools. Unnecessary command-execution access violates least privilege and materially increases the blast radius: if the skill prompt, fetched content, or downstream logic is manipulated, an attacker could pivot from web research into arbitrary local command execution, data exfiltration, or environment reconnaissance.

Missing User Warnings

Medium
Confidence: 93%
Finding
The README explicitly documents fallback fetch methods that route requested URLs or page content through third-party services such as a reader proxy and the Wayback Machine, but it does not warn users that company names, investigation targets, or fetched content may be disclosed to external providers. In a due-diligence skill, queries can be commercially sensitive, so silent use of these services creates a meaningful privacy and confidentiality risk even if it is framed as a convenience feature.

VirusTotal

65/65 vendors flagged this skill as clean.
