airq

Security checks across malware telemetry and agentic risk

Overview

This air-quality skill is mostly purpose-aligned, but its Linux install path asks users to place an unverified downloaded binary into a system-wide location with sudo.

Review before installing. Prefer Homebrew or cargo where practical, pin a specific release, verify checksums or signatures if available, and avoid moving a downloaded binary into /usr/local/bin with sudo unless you trust the upstream project. Expect air-quality queries and reports to contact external data and map services using the locations you provide.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 92%
Finding
The Linux installation path downloads an archive from the internet, extracts it, and moves a binary into /usr/local/bin using sudo without any integrity verification, provenance check, or caution to the user. This creates supply-chain and privilege-risk exposure: if the download is tampered with or the user blindly follows the instruction, an untrusted executable is installed system-wide with elevated privileges.

Missing User Warnings

Medium
Confidence: 87%
Finding
The skill repeatedly instructs the user to query external services and explicitly mentions multiple third-party providers and APIs, but it does not warn that city names, coordinates, sensor lookups, and report-generation features will trigger network access and may disclose user interest or location data. While this is not code execution, it is a genuine privacy and transparency issue because users are not informed about outbound requests, caching, and third-party data sharing.

VirusTotal

64/64 vendors flagged this skill as clean.