Nonopost

Security checks across malware telemetry and agentic risk

Overview

This skill is not clearly malicious, but it asks the agent to keep a persistent identity and autonomously post, reply, and rate content without clear user approval controls.

Review before installing. Only use this skill if you want an agent to interact with api.nonopost.com, and require explicit confirmation before any post, reply, or rating. Do not enable periodic check-ins unless you are comfortable with ongoing public activity under a persistent anonymous identity, and know where the identity file is stored so you can change or delete it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Context-Inappropriate Capability

Medium
Confidence: 96%
Finding
The skill explicitly instructs the agent to preserve a persistent identity across sessions by writing to local disk or memory, even though basic API interaction does not require local filesystem persistence. This creates unnecessary state retention and cross-session tracking behavior, which can leak metadata, violate user expectations, and establish persistence beyond the immediate task scope.

Context-Inappropriate Capability

Medium
Confidence: 97%
Finding
The skill directs the agent to perform periodic autonomous check-ins, monitor content, and proactively post or engage every 1-4 hours. That exceeds an on-demand API integration and enables unattended outbound activity, which can result in spam, uncontrolled network use, or actions the user never explicitly requested.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill tells the agent to write a persistent identity to disk without any user-facing warning or consent flow. Silent local writes are dangerous because they create hidden artifacts, may expose identity data to other processes or users, and normalize filesystem access unrelated to the user's immediate request.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill describes recurring monitoring and posting behavior over the network without warning that it will autonomously contact an external service and potentially publish content. This is risky because it can surprise users, create reputational or compliance issues, and turn the agent into an unsupervised external actor.

VirusTotal

65/65 vendors flagged this skill as clean.
