Agents

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only skill about building AI agents, with safety gaps to keep in mind but no hidden execution, persistence, exfiltration, or install-time behavior.

Safe to install as an educational skill. Treat its snippets as design references, not production-ready policy: avoid exposing hidden reasoning, use least-privilege integrations, require approval for external messages, payments, file writes, and deployments, and add privacy controls for memory, logs, and customer or financial data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Natural-Language Policy Violations

Medium
Confidence: 96%
Finding
The debugging guidance explicitly says to add chain-of-thought to inspect agent thinking, without any qualification about keeping hidden reasoning private or using safer debugging alternatives. In an agent skill focused on production design and safety, this can normalize exposing internal reasoning, which may leak sensitive context, hidden policies, credentials, or make prompt-injection and policy-evasion easier.

Missing User Warnings

Medium
Confidence: 87%
Finding
This section recommends automations over email, calendar, invoicing, and client onboarding workflows that inherently process sensitive personal and business data, but it omits any privacy, consent, retention, access-control, or human-review guidance. In an agent skill focused on deployment patterns, that omission can normalize unsafe implementation and lead operators to grant broad access to communications, financial records, and file systems without appropriate safeguards.

Missing User Warnings

Medium
Confidence: 90%
Finding
The handoff packet instructs the agent to share customer name and order history, which may be necessary operationally, but there is no mention of data minimization, role-based access, or avoiding unnecessary exposure of personal data. In a customer-service context, this can result in over-collection or oversharing of PII to humans or systems that do not need full account details, increasing privacy and compliance risk.

Missing User Warnings

Medium
Confidence: 94%
Finding
This section describes agents with the ability to write files, run tests, deploy, scale, and roll back infrastructure, but it provides no adjacent warning about sandboxing, approval gates, credential scoping, environment separation, or destructive-action controls. Because the skill is explicitly about designing and deploying AI agents, readers may treat these capabilities as recommended defaults, making unsafe real-world implementation more likely and increasing the chance of codebase corruption or production-impacting actions.

VirusTotal

65/65 vendors flagged this skill as clean.