Perplexity Sonar via Openrouter in CLI

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed OpenRouter-backed search CLI; it needs normal privacy caution because queries and optional prompts are sent to OpenRouter.

Use a dedicated or revocable OpenRouter API key, and avoid sending secrets, private documents, regulated data, or confidential business context in queries or `--system` prompts unless you approve that disclosure to OpenRouter and its model providers. Check `--output` paths before running commands, and verify the cloned source before symlinking it into your PATH.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 89%
Finding: The skill clearly relies on environment access for OPENROUTER_API_KEY and network access to OpenRouter-backed web search, but no permissions are declared. This can mislead users and reviewers about what the skill will access, reducing informed consent and weakening platform-level safety controls.

Missing User Warnings

Medium
Confidence: 92%
Finding: The README instructs users to use a networked search tool with an API key and URL extraction capability, but it does not warn that prompts, queries, and extracted URLs/content may be transmitted to external services. In an agent skill context, this omission increases the chance that users or downstream agents send sensitive data off-host without informed consent.

Missing User Warnings

Medium
Confidence: 95%
Finding: The description says the skill performs OpenRouter-backed web search but does not warn that user queries and related metadata are transmitted to third-party services. Users may unknowingly send sensitive prompts, research topics, or operational context off-device, creating privacy, compliance, and confidentiality risks.

Missing User Warnings

Low
Confidence: 91%
Finding: The skill advertises `--output` file writing without warning that it may create or overwrite local files. This can cause accidental data loss or unintended writes if a user supplies an existing path or runs suggested commands without realizing the side effect.

Missing User Warnings

Medium
Confidence: 93%
Finding: The CLI sends the user's query and any optional system prompt directly to OpenRouter, which is an external third-party service, but the code provides no runtime warning, confirmation, or guardrail before transmitting potentially sensitive content. In a local CLI context this creates a real privacy/data-leak risk because users may assume a local search utility does not exfiltrate prompts unless clearly told otherwise.

VirusTotal

66/66 vendors flagged this skill as clean.