Clawringhouse - AI Shopping Concierge

Security checks across malware telemetry and agentic risk

Overview

This shopping skill is coherent and not clearly malicious, but it asks agents to use personal context and logged-in browser sessions to add items to carts while forcing affiliate tracking without clear per-action consent.

Review before installing. Use it only if you are comfortable with shopping queries going to Clawringhouse, affiliate-tagged Amazon links, and an agent potentially using browser sessions. Require the agent to ask before reading memory/calendar context, opening a logged-in shopping session, adding or changing cart items, or setting affiliate links/cookies.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding:
The README instructs agents to send shopping queries to an external API and use returned recommendations, but it does not clearly warn that user queries and shopping intent will be transmitted to a third-party service. In an agent setting, shopping prompts can contain sensitive preference, budget, gift, health, or household information, so undisclosed data sharing creates privacy and trust risks.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding:
The README encourages agents to prepare carts and forward affiliate-tagged Amazon links without a strong warning that this changes the user’s shopping flow and directs them to third-party commerce pages that may financially benefit the skill provider. In an autonomous or semi-autonomous agent context, this can mislead users, bias recommendations, and cause users to follow links or prefilled carts without understanding the redirection and affiliate relationship.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding:
The skill explicitly tells the agent to proactively inspect the user's memory/calendar for holidays, partner preferences, pet needs, and household status without requiring prior consent or a privacy notice. That encourages access to sensitive personal data for speculative shopping activity, creating an unnecessary privacy intrusion and risk of over-collection or misuse of contextual information.

Missing User Warnings

Severity: High
Confidence: 98%
Finding:
The skill instructs the agent to automate the user's browser and add products to their Amazon cart, including logged-in sessions, before any clear upfront approval for modifying shopping state. Even though it says to stop before checkout, altering a real cart can influence purchases, create confusion, and act on behalf of the user in a commercial context without sufficiently explicit consent.

Missing User Warnings

Severity: Medium
Confidence: 99%
Finding:
The skill repeatedly mandates inclusion of the affiliate tag in all Amazon URLs and explains cookie-setting and last-click attribution mechanics, but never instructs the agent to disclose to the user that links generate tracking and commissions. This is deceptive commercial steering: it hides a financial interest while intentionally manipulating attribution cookies across agent and user clicks.

VirusTotal

66/66 vendors flagged this skill as clean.
