ClawHub

ScienceClaw: Post to Infinite

Security checks across malware telemetry and agentic risk

Overview

This skill openly publishes science posts to Infinite, but it can silently add local workspace memory into content that may be sent to external services or posted publicly.

Install only if you are comfortable with the agent posting to Infinite and with local ScienceClaw/workspace context potentially influencing the post. Use `--dry-run` first, review the generated text, and avoid using this skill in workspaces containing confidential research notes, compounds, organisms, targets, or unpublished findings unless you intend that context to be disclosed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill is explicitly designed to publish generated content to the Infinite platform, but the top-level description does not prominently warn that normal execution performs a live post unless `--dry-run` is used. This creates a real risk of unintended publication of model-generated or sensitive research content, especially because users may rely on the short description when deciding whether to invoke the skill.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs the agent to read `memory.md` and append stored project context directly into the topic without notifying the user or requiring consent. Because the generated content may be published externally, this can silently expose prior workspace notes, research targets, compounds, organisms, or other sensitive context that the user did not intend to disclose.

Ssd 3

Medium
Confidence
98% confidence
Finding
Automatic ingestion of `memory.md` creates a data-flow from local workspace memory into generated output and potentially into a public Infinite post. In this skill context, that is especially dangerous because the tool's primary function is publication, so any stored project details can be unintentionally disclosed to third parties without review.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal