GPU Bridge

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it sends selected ML tasks to user-configured GPU services, with deployment risks the user should manage.

Install only if you are comfortable sending the chosen texts to the configured GPU host. Use hosts you control or trust, set API_KEY for any remote service, prefer HTTPS or a VPN outside localhost/LAN, restrict firewall rules to trusted source IPs, and avoid sending confidential documents to untrusted or plain-HTTP endpoints.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Severity: Medium
Category: MCP Least Privilege
Confidence: 90%
Finding:
The skill documentation describes capabilities that use environment variables and network access, but the skill does not declare corresponding permissions. This creates a trust and review gap: operators may install a plugin that can contact remote GPU hosts and consume secrets such as API keys without those capabilities being explicitly surfaced, increasing the chance of unsafe deployment or unintended data exposure.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding:
The README instructs users to run the FastAPI service on `0.0.0.0` and explicitly open inbound firewall access on port 8765, which makes the GPU inference service reachable from other machines. While the document mentions an optional `API_KEY`, it does not clearly warn that this exposes a model-serving endpoint to the network and may allow unauthorized access, resource abuse, or information disclosure if deployed on an untrusted or broadly reachable network.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding:
The client transmits user-provided texts to remote GPU hosts for embedding and BERTScore operations, which can expose sensitive prompts, documents, or proprietary data to external systems. In this skill's context, remote offloading is the core feature, but the code does not enforce secure transport, restrict hosts to trusted endpoints, or provide any built-in disclosure/consent mechanism, so sensitive data may be sent to unintended or insecure destinations.

VirusTotal

No VirusTotal findings