ClawHub

Fibek Cleo

Security checks across malware telemetry and agentic risk

Overview

This skill fits its collections-platform purpose, but it can send sensitive customer communications and execute campaigns without clear final approval steps.

Install only if you trust the Fibek API environment and want the agent to assist with collections operations. Before use, set FIBEK_BASE_URL to a trusted Fibek server, treat the stored token as a long-lived credential, and require a human review before any reminder, account statement, WhatsApp/email message, or campaign execution.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The skill includes a shell command (`curl ... | jq`) for Swagger discovery, which expands the agent's behavior beyond the declared business API workflow into arbitrary command execution territory. In an agent environment, this can normalize or enable command execution against environment-controlled URLs, increasing the risk of SSRF, unsafe tool use, and unintended access to internal resources if `FIBEK_BASE_URL` is misconfigured or attacker-influenced.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The skill authorizes sending payment reminders and account statements to client contacts without requiring an explicit user confirmation or warning that an external communication will be sent. This can lead to accidental outbound messages, privacy incidents, or unauthorized customer contact, especially in a collections context where communications may have legal and reputational consequences.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal