Publish Api

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only API reference skill; it contains many runnable examples for external services, but no hidden execution, persistence, or credential theft behavior was found.

Install only if you want a broad API reference. Treat every curl example as a template: use sandbox or test credentials first, replace placeholders carefully, avoid sending secrets or personal data, and require explicit confirmation before running examples that send messages, post publicly, delete data, change infrastructure, or perform financial/trading actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (59)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This documentation repeatedly shows sending prompts, images, audio, and transcripts to third-party AI providers without warning that user data leaves the local environment and may be retained or processed under external vendor policies. In an agent skill, omission of privacy and consent guidance can cause operators to unknowingly transmit sensitive or regulated data to many external services.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The voice and speech-processing sections cover TTS, transcription, diarization, and voice-capable APIs without warning that voice recordings and biometric-like speech data may be especially sensitive. That omission increases the chance users upload identifying audio, meeting recordings, or cloned-voice material without consent, creating privacy, legal, and compliance exposure.

Missing User Warnings

Medium
Confidence
79% confidence
Finding
The file contains numerous ready-to-run examples that transmit telemetry, user traits, metrics, and state-changing requests to external SaaS platforms without any warning about privacy, production impact, or data handling. In an agent skill context, this is riskier than ordinary prose because users or downstream agents may execute examples directly and unintentionally send real data or modify external systems.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The Auth0 example uses the password grant to collect and transmit an end user's username and password directly, but it does not warn that this flow is highly sensitive and generally discouraged except for tightly controlled first-party scenarios. In a reference skill, this can normalize unsafe credential-handling practices and lead integrators to build systems that unnecessarily process user passwords, increasing phishing, logging, and secret-exposure risk.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The DocuSign example uses a live send action with `"status": "sent"`, which can immediately dispatch signature requests to real recipients if copied into a real environment. In a reference skill, omitting an explicit warning about external side effects increases the chance that users or downstream agents will trigger unintended business actions.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The Dropbox Sign cancel example performs a destructive workflow action without warning that it can revoke or alter a real signature process. In an agent-consumable API reference, this creates risk of accidental irreversible changes if an automation copies the snippet directly.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The Dub lead-tracking example sends a `customerId` to an external analytics service but does not warn about privacy, consent, or data-classification implications. This can lead users or agents to transmit personal or regulated identifiers without appropriate legal or organizational review.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This file is a communication API reference that includes many ready-to-run examples for sending SMS, email, chat messages, files, photos, webhooks, and meeting invites, but it does not include an explicit warning that these commands cause real-world outbound actions and may transmit personal or sensitive data. In an agent skill context, that omission is meaningful because users or agents may copy or invoke these examples directly, causing unintended contact with third parties, privacy violations, billing, spam, or operational side effects.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The Netlify section includes state-changing examples such as triggering a build hook and patching site environment variables, but it does not warn that these calls can immediately alter production behavior or expose secrets if copied blindly. In a reference skill, runnable examples are likely to be reused directly, so omission of impact warnings creates a meaningful operational safety risk.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The DigitalOcean example shows a direct DELETE request for a droplet with no warning that it permanently removes infrastructure and may cause downtime or data loss. Because this is copy-paste ready and uses a real endpoint and auth pattern, an operator could destroy production resources unintentionally.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The Heroku example uses DELETE on dynos to restart all dynos, which can interrupt live traffic, reset in-memory state, and impact running jobs. Without a warning, readers may treat it like a harmless management query even though it is an operationally disruptive action.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The Cloudflare examples modify DNS records and purge cache, both of which can affect live routing, availability, and content delivery immediately. The lack of warnings is especially risky because DNS and cache actions are fast, global, and commonly executed against production zones.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The PagerDuty examples acknowledge incidents and trigger events without warning that these actions change incident state and can affect on-call workflows, escalation, and alert noise. In an operations context, accidental execution can suppress or generate real alerts with organizational impact.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The feature-flag update example can immediately change application behavior for real users, but the documentation does not warn about rollout risk or environment targeting mistakes. In feature management systems, a single patch can enable unfinished code or disable critical safeguards in production.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The Statsig examples transmit user identifiers and an email address to an external analytics/evaluation service without any privacy or data-minimization warning. Even though the values are placeholders, the examples normalize sending user-level data and may lead users to forward personal data without considering compliance or consent requirements.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The Customer.io example includes a live DELETE operation against a customer record without any warning that it is destructive or guidance on safe testing. In a reference skill, users may copy and run the command directly, causing unintended data loss in production environments.

Missing User Warnings

Medium
Confidence
75% confidence
Finding
These examples include real money movement and trading operations such as Wise transfers, Coinbase sends/orders, Binance orders, and Alpaca trading without an explicit warning that executing them against live credentials can move funds or place trades. In a general API skill, this increases the chance of accidental harmful use by operators who copy-paste commands into production environments.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The Airtable section includes a credentialed DELETE example that can remove remote records, but the document provides no warning that the operation is destructive or should be tested only against non-production data. In a reference skill used by agents, omission of such guardrails increases the chance of accidental data loss from copied commands or autonomous action selection.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The Calendly examples show authenticated access to scheduled events, event details, and invitee information, which can expose personal and scheduling data. Without a privacy warning or least-privilege guidance, an agent or user may treat these examples as routine reads despite the sensitivity of calendar metadata and attendee details.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The file is a broad API reference that includes authenticated requests plus state-changing operations such as posting tweets, sharing LinkedIn posts, publishing Instagram media, submitting Reddit content, creating Twitch clips, and sending chat messages. In documentation for an agent skill, presenting these credential-bearing and account-impacting examples without explicit safety warnings increases the risk that an agent or user copies them into automation and unintentionally performs external actions or exposes sensitive tokens.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The Intercom section includes ready-to-run POST and reply examples that create contacts, send messages, and reply to live conversations without any warning that these actions mutate production support data. In a support-admin context, a user may copy/paste these commands against real accounts, causing unintended customer contact, ticket/comment changes, or data creation.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The Zendesk examples demonstrate ticket creation and update operations, including posting a public comment, without warning that they can alter real tickets and customer-visible content. This raises the risk of accidental modification of production support workflows by users following the documentation verbatim.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The Freshdesk and Help Scout sections provide state-changing examples and secret-bearing authentication snippets without warnings about live-data impact or secure credential handling. Users may expose tokens in shell history or run commands that create/reply to tickets and conversations in production systems.

External Transmission

Medium
Category
Data Exfiltration
Content
### Send SMS
```bash
curl -X POST "https://api.twilio.com/2010-04-01/Accounts/$TWILIO_SID/Messages.json" \
  -u "$TWILIO_SID:$TWILIO_AUTH_TOKEN" \
  -d "From=+15551234567" \
  -d "To=+15559876543" \
```
Confidence
96% confidence
Finding
curl -X POST "https://api.twilio.com/2010-04-01/Accounts/$TWILIO_SID/Messages.json" \ -u "$TWILIO_SID:$TWILIO_AUTH_TOKEN" \ -d "From=+15551234567" \ -d "To=+15559876543" \ -d "Body=Hello from

External Transmission

Medium
Category
Data Exfiltration
Content
### Send Simple Email
```bash
curl -X POST https://api.sendgrid.com/v3/mail/send \
  -H "Authorization: Bearer $SENDGRID_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
```
Confidence
95% confidence
Finding
curl -X POST https://api.sendgrid.com/v3/mail/send \ -H "Authorization: Bearer $SENDGRID_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "personalizations": [{"to": [{"email": "user@e

VirusTotal

63/63 vendors flagged this skill as clean.
