Nowsecure

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real NowSecure/Membrane integration, but it gives an agent broad authenticated access to sensitive NowSecure data and API changes without clear confirmation safeguards.

Install only if you trust Membrane and intend to connect it to NowSecure. Use a least-privileged account, review the OAuth or connection scopes, and require explicit confirmation before deleting data, changing users/roles/permissions, modifying billing or subscriptions, or sending sensitive findings, evidence, binaries, reports, or raw API payloads through the proxy.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 88%
Finding
The skill description, 'Use when the user wants to interact with NowSecure data,' is broad enough to match many generic security or data-management requests without clearly constraining scope. In an agentic setting, overly broad routing can cause the skill to activate unexpectedly and reach a live external service, increasing the chance of unnecessary data access or unintended operations.

Missing User Warnings

Medium
Confidence: 95%
Finding
These instructions explicitly enable action execution and raw proxy requests against a live NowSecure tenant, including arbitrary HTTP methods and direct endpoint access, but do not require user confirmation or warn that data may be transmitted or modified. That creates a real risk of silent reads, writes, deletions, or broader data exposure when an agent follows the skill autonomously.

VirusTotal

65/65 vendors flagged this skill as clean.
