Brainshop

Security checks across malware telemetry and agentic risk

Overview

This BrainShop skill is a disclosed Membrane-based integration, with no hidden code, but it can act on a connected BrainShop account through authenticated commands.

Install only if you trust the Membrane CLI and are comfortable connecting your BrainShop account through Membrane. Prefer the listed Membrane actions, review the account/workspace being authorized, and require explicit confirmation before creating, training, updating, or deleting BrainShop data through raw proxy requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding:
The skill explicitly documents a generic authenticated proxy mechanism that can send arbitrary requests, including POST, PUT, PATCH, and DELETE, without any safety guidance around destructive operations, sensitive data transmission, or confirmation requirements. In a tool-using agent context, this increases the chance of unintended data modification or exfiltration because the model is encouraged to fall back to raw API access when prebuilt actions do not cover a use case.

VirusTotal

64/64 vendors flagged this skill as clean.
