Boxed HTTP Server

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed guide for running a sandboxed static HTTP server, but its examples should be treated as placeholders and not copied with real secrets.

Install only if you need a local/static HTTP server or proxy and trust the referenced WASM component. Before use, inspect the source, prefer a pinned release or checksum, bind only to the needed interface, restrict allowedOutboundHosts tightly, and never copy the admin/admin or bearer-token examples with real credentials.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill documentation includes a Basic Auth example using hardcoded credentials (`admin`/`admin`) without any warning that these are placeholder values and unsafe for real deployments. Users often copy examples verbatim, which can lead to weak or default credentials being exposed on network-accessible services.

Missing User Warnings

Medium
Confidence: 96%
Finding
The proxy example embeds a bearer token directly inside configuration passed on the command line. This is dangerous because copied configs may leak real credentials into shell history, logs, screenshots, version control, or shared documentation, especially in a proxying workflow where auth headers are normalized as part of setup.

Ssd 3

Medium
Confidence: 88%
Finding
This line contributes to normalizing insecure secret handling by showing example credentials directly in the skill content. Even if intended as illustrative, documentation that models plaintext credential usage increases the chance that operators will replicate the pattern in real deployments.

Ssd 3

Medium
Confidence: 97%
Finding
The example explicitly instructs putting an `Authorization` bearer token into proxy headers within the configuration string. In context, this is more dangerous because the skill is designed for reusable server setup, so users may paste long-lived API tokens into persistent configs, shell history, or team-shared snippets, causing credential leakage and downstream API abuse.

VirusTotal

66/66 vendors reported this skill as clean.