Aivoov

Security checks across malware telemetry and agentic risk

Overview

This AiVOOV skill is not malicious, but it gives an agent broad authenticated Membrane access, including raw API requests that could change or delete remote data without clear safeguards.

Install only if you intend to connect AiVOOV through Membrane and trust Membrane with authenticated API traffic. Prefer listed or discovered actions over raw proxy requests, review the exact endpoint and payload first, and require explicit confirmation for any create, update, delete, member, workspace, recording, or automation operation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 93%
Finding
The skill is scoped as an AiVOOV integration, but the instructions authorize generic connection creation logic that can dynamically discover or build connectors from arbitrary URLs. That broadens the operational scope beyond a narrowly defined AiVOOV workflow and can enable unintended access patterns or misuse if the skill is invoked on loosely related requests.

Context-Inappropriate Capability

Medium
Confidence: 97%
Finding
The raw proxy capability permits arbitrary HTTP requests, including POST, PUT, PATCH, and DELETE, which gives the agent a broad ability to modify or delete remote data. In a skill advertised for general AiVOOV data interaction, this is overpowered and dangerous because it bypasses safer, pre-defined actions and lacks explicit safeguards for destructive operations or sensitive endpoints.

Vague Triggers

Medium
Confidence: 84%
Finding
The description 'Manage data, records, and automate workflows' is broad enough to match many generic enterprise tasks, which increases the chance of over-invocation outside the user's intended AiVOOV context. Over-broad routing can cause the wrong skill to activate and perform operations against external systems with network access.

Missing User Warnings

Medium
Confidence: 95%
Finding
The documentation advertises direct API proxying without warning that requests may transmit sensitive data or perform destructive actions. This omission is risky because users or agents may treat the proxy as routine functionality and unknowingly issue high-impact requests to modify, delete, or exfiltrate data.

VirusTotal

65/65 vendors flagged this skill as clean.