Security audit

ClawKB

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed ClawKB API helper; its main risks are normal credential handling and the optional auto-recall plugin’s privacy impact.

Install only for ClawKB servers you trust. Use scoped, revocable tokens; avoid pasting tokens into shared logs or repositories; confirm write/delete/upload actions before running them; and enable the optional auto-recall plugin only after understanding what message data it sends and what knowledge it may inject into agent context.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill instructs agents to obtain, store, and reuse Bearer API tokens but does not warn about secret handling risks such as shell history leakage, terminal logging, pasted transcripts, or accidental inclusion in artifacts. Because these tokens authorize direct API access, exposing them could let another party read or modify ClawKB data with the token holder's privileges.

Missing User Warnings

Medium
Confidence: 96%
Finding
The auto-recall plugin description says it searches ClawKB before every conversation and injects results into system context, but it does not clearly warn that user messages or derived queries may be transmitted automatically to external infrastructure on every interaction. This creates a meaningful privacy and data-governance risk, especially in environments handling sensitive prompts, internal data, or regulated content.

VirusTotal

64/64 vendors flagged this skill as clean.
