Back to plugin

Security audit

ClawLink

Security checks across malware telemetry and agentic risk

Overview

ClawLink is a disclosed third-party integration plugin with broad SaaS access, but the behavior matches its stated purpose and no hidden malware-like activity was found.

Install only if you are comfortable letting ClawLink broker access to connected apps and store provider credentials on its servers. Before sending private documents, images, PDFs, emails, CRM records, or account data through it, confirm the specific app, account, and action, and ask the assistant to preview or confirm write/destructive actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The skill instructs the agent to use ClawLink for a very broad set of external-app requests and to 'always check ClawLink first.' That can cause over-activation of a third-party integration layer for generic requests, increasing unnecessary data exposure to an external service and creating a larger blast radius if the plugin is misused or compromised.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The file-upload workflow tells the agent to upload local file bytes to ClawLink storage via a one-time link, but it does not require a clear user-facing disclosure that file contents will be transferred to third-party infrastructure and may be retained or processed there. This can lead to inadvertent exfiltration of sensitive local or user-provided files to an external service without informed consent.

VirusTotal

60/60 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.