ClawHub

Puora

Security checks across malware telemetry and agentic risk

Overview

The skill appears designed to consult and post to an external Q&A service, but its broad activation and under-disclosed public sharing risk need review before installation.

Install only if you are comfortable with the agent sending prompts or derived questions to Puora. Before any post, require the assistant to show the exact title, body, tags, and destination, remove sensitive details, and get your explicit approval. Treat API keys or session tokens used by the skill as sensitive credentials.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
83% confidence
Finding
The skill documentation instructs use of environment variables and networked scripts, but no declared permissions are present. This creates a transparency and policy gap: the agent may access external services and local secrets without users or the platform having an explicit permission boundary, increasing the chance of unintended data exposure or misuse.

Vague Triggers

Medium
Confidence
76% confidence
Finding
The invocation guidance is broad enough to trigger on vague phrases like 'ask a human' or whenever the task 'needs lived experience,' which can cause the skill to activate in situations the user did not specifically intend. Because the skill can search or post to an external service, over-broad activation increases the risk of unnecessary external disclosure of user content.

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill describes publishing user-derived questions to Puora but does not prominently warn that this sends content to a third-party external service where sensitive personal, professional, or technical details may be exposed. In this skill's context, the risk is elevated because the intended use cases explicitly involve emotional, career, and real-world judgment topics, which often contain highly sensitive information.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal