ClawHub

Kids Creator

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real children’s game workshop skill, but it needs review because it stores and publishes minors’ content without clear privacy and access controls.

Review this before installing in any real workshop. Require guardian and organization approval, use least-privilege Cloudflare credentials, make game/gallery links private or expiring, avoid real names in public pages or paths, add a deletion policy, and choose a clearly disclosed STT provider with retention disabled or minimized.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The skill goes beyond a Telegram workshop flow and grants repository write, git push, and Cloudflare Pages deployment capabilities that can publish arbitrary child-generated HTML to a public site. In a child-focused environment, this materially expands the attack surface: prompt-influenced content could be deployed publicly, secrets could be abused for unauthorized publishing, and accidental exposure of child-related data or unsafe content becomes much more likely.

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The documented behavior persists child-created outputs as hosted game pages and gallery URLs, which is a materially broader data flow than a transient Telegram interaction. Because the audience is pediatric patients, public or semi-public hosting can expose names, creative content, schedules, or linkable identifiers, increasing privacy and safeguarding risk.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill accepts voice messages and sends them to Whisper API or another external STT path without any user-facing disclosure, consent flow, retention policy, or minimization controls. Audio from children—especially in a hospital context—may contain sensitive personal or health information, so undisclosed third-party processing creates significant privacy and compliance risk.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill stores per-child state in persistent files keyed by Telegram user ID and includes names, prompts, generated outputs, and URLs, but provides no privacy notice, retention limits, access controls, or deletion process. For children in a cancer ward, even seemingly simple identifiers and content can become highly sensitive when combined with context, making persistent storage particularly dangerous.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill describes sharing game URLs and gallery links for child-generated content without warning about who can access them, how guessable they are, or whether search engines or other recipients may view them. In this context, link sharing can expose children’s names, creations, and participation in a hospital program to unintended audiences.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal