ClawHub

Hyperthink

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed automated research skill whose main risks are cost, long unattended runs, local persistence, and optional external notifications.

Install only if you are comfortable with a costly unattended research run. Use a scoped Anthropic API key where possible, avoid sensitive topics unless the output location is appropriate, and leave webhook or Telegram variables unset unless you trust the destination and accept that completion details or deliverables may be sent there.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill automatically delivers the final brief to Telegram or a configurable webhook, and the content may contain sensitive research, strategic analysis, or user-provided confidential scope details. Because the workflow is explicitly 'fully hands-off' and the notification channels are configurable, this creates a real risk of unintended external disclosure without an explicit just-in-time warning, opt-in, or content sensitivity check.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The spec explicitly permits completion notifications via webhook or Telegram, which can transmit job metadata and result paths to third-party destinations without requiring explicit user consent, destination allowlisting, or data-minimization controls. In a batch worker handling research prompts and outputs, this creates a real risk of unintended exfiltration of sensitive task details beyond the core Anthropic API flow.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal