Ragie.ai-RAG

Security checks across malware telemetry and agentic risk

Overview

This looks like a legitimate Ragie.ai RAG integration, but it needs review because it can send user-selected files, URLs, queries, and document-management actions to Ragie while some credential and safety boundaries are under-declared.

Install only if you trust Ragie with the documents and questions you send through this skill. Provide a scoped RAGIE_API_KEY, keep any .env file private, confirm each file or URL before ingestion, avoid uploading secrets or regulated data unless approved, and require manual confirmation before running document deletion.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The skill exposes a destructive `delete` operation as a routine command without requiring confirmation, warning the user that deletion is permanent, or documenting any guardrails (for example, a batch limit or a refusal to act on wildcard or "all" requests). In an agent setting, an ambiguous user request can therefore turn into an accidental or overly broad deletion and unrecoverable data loss in the Ragie document store.

Missing User Warnings

Severity: Low
Confidence: 93%
Finding
The script sends the user-provided query and optional metadata filter to Ragie.ai over the network, but provides no explicit disclosure, consent prompt, or check that blocks sensitive input. In a retrieval utility, queries often contain internal business information, customer data, or secrets, so silent transmission to a third-party service is a real privacy and data-handling risk: an authenticated HTTPS connection protects the data in transit, not from the recipient.
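Both findings describe missing guardrails rather than a bug in a particular call. The following is an added example, not the skill's own code and not Ragie's SDK, of the guards the overview asks for: a pre-ingestion screen that hard-blocks credential files and secret-looking content, a per-file confirmation before upload, a warning hook for secret-like material in a query, and a delete path that refuses open-ended requests and requires a typed confirmation. `ingest_fn`, `delete_fn`, the file names and the sample contents are hypothetical stand-ins; the regexes are illustrative, not a complete secret detector.

```python
"""Pre-flight guards for an agent skill that forwards files, queries and
delete requests to a hosted RAG service. Added example: not the skill's own
code and not Ragie's SDK. `ingest_fn` / `delete_fn` are hypothetical
stand-ins for whatever client call the skill actually makes."""
import re
from typing import Callable, Iterable

# File names that must never be uploaded (constructed, illustrative list).
BLOCKED_NAME_PATTERNS = [
    re.compile(r"(^|/)\.env(\..*)?$"),                   # .env, .env.local
    re.compile(r"(^|/)id_(rsa|ed25519|ecdsa)$"),          # SSH private keys
    re.compile(r"\.(pem|key|p12|pfx)$", re.IGNORECASE),   # key material
]

# Content patterns that indicate a credential is embedded in the text.
SECRET_CONTENT_PATTERNS = {
    "private key block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "AWS access key id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "bearer token": re.compile(r"(?i)\bbearer\s+[A-Za-z0-9._\-]{20,}"),
    "API key assignment": re.compile(r"(?i)\b\w*api[_-]?key\b\s*[=:]\s*\S{8,}"),
}


def screen_for_ingestion(name: str, content: str) -> list[str]:
    """Reasons an upload must be blocked; an empty list means it is clear."""
    reasons = []
    if any(p.search(name) for p in BLOCKED_NAME_PATTERNS):
        reasons.append(f"file name {name!r} matches a credential-file pattern")
    reasons.extend(f"content contains {label}"
                   for label, p in SECRET_CONTENT_PATTERNS.items() if p.search(content))
    return reasons


def sensitive_query_findings(query: str) -> list[str]:
    """Labels of secret-like material in a query, so the agent can warn the
    user before the query leaves the host (the silent-transmission finding)."""
    return [label for label, p in SECRET_CONTENT_PATTERNS.items() if p.search(query)]


def ingest_with_checks(name: str, content: str,
                       ingest_fn: Callable[[str, str], None],
                       confirm_fn: Callable[[str], bool]) -> bool:
    """Upload only if screening passes AND the user confirms this exact file."""
    if screen_for_ingestion(name, content):
        return False  # hard block: credential material never leaves the host
    if not confirm_fn(f"Upload {name!r} ({len(content)} bytes) to the RAG service? [y/N] "):
        return False
    ingest_fn(name, content)
    return True


def gated_delete(doc_ids: Iterable[str], delete_fn: Callable[[str], None],
                 confirm_fn: Callable[[str], bool], max_batch: int = 10) -> list[str]:
    """Permanent deletion behind an explicit, per-request confirmation.
    Open-ended or oversized requests are refused outright rather than asked about."""
    ids = list(doc_ids)
    if not ids or any(i.strip().lower() in ("", "*", "all") for i in ids):
        raise ValueError("refusing open-ended delete; list explicit document ids")
    if len(ids) > max_batch:
        raise ValueError(f"{len(ids)} ids exceeds batch limit {max_batch}; split the request")
    prompt = (f"PERMANENTLY delete {len(ids)} document(s) from the RAG store?\n  "
              + "\n  ".join(ids) + "\nThis cannot be undone. Type 'delete' to confirm: ")
    if not confirm_fn(prompt):
        return []
    deleted = []
    for doc_id in ids:
        delete_fn(doc_id)
        deleted.append(doc_id)
    return deleted


def typed_confirmation(required: str,
                       prompt_fn: Callable[[str], str] = input) -> Callable[[str], bool]:
    """Build a confirm_fn that accepts only an exact typed phrase from a human,
    so an agent cannot satisfy the gate by supplying its own 'yes'."""
    return lambda prompt: prompt_fn(prompt).strip() == required
```

The confirmation callable is deliberately separate from the delete logic: in an agent runtime, wire it to the human-facing channel, never to a tool the model can call, otherwise the gate is decorative.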

VirusTotal

0/66 vendors flagged this skill; all 66 reported it clean. Note that antivirus verdicts cover known malicious files only and say nothing about the prompt-injection or excessive-agency risks listed above.
