Talk

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only voice setup skill that expects provider credentials and gives webhook guidance; users should secure the secrets and exposed endpoints it relies on.

Before installing:
  • Treat all provider API keys and telephony tokens as secrets; prefer environment variables or a secret manager, and do not commit real credentials.
  • Use inbound allowlists or pairing.
  • Validate provider webhooks.
  • Separately review any optional plugin or skill before enabling phone calls or memory-backed conversations.

SkillSpector (by NVIDIA)

Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings (severity: Medium, confidence: 93%)

Finding: The configuration examples normalize placing API credentials and telephony secrets directly in inline YAML, and the document also encourages exposing a public webhook URL without any accompanying guidance on secret management, auth, or endpoint hardening. In a voice/telephony setup, leaked Twilio/Telnyx or ElevenLabs credentials can enable account abuse, fraudulent call spend, or unauthorized access to call workflows.

Missing User Warnings (severity: High, confidence: 97%)

Finding: The document advertises loading MEMORY.md into live calls as a feature without warning that stored memory may contain sensitive personal data, internal notes, or cross-user context that could be spoken to callers or used in prompts during real-time conversations. In a voice skill, this is especially dangerous because disclosures can happen immediately and irreversibly to external phone participants.

Missing User Warnings (severity: Medium, confidence: 94%)

Finding: The documentation explicitly tells users to expose a local service publicly via ngrok or Tailscale Funnel for voice webhooks, but provides no caution about authentication, request validation, or narrowing exposure. If the local service is not hardened, this can allow unsolicited external traffic to reach development systems and potentially trigger unauthorized actions or exploit insecure endpoints.

VirusTotal

65/65 vendors flagged this skill as clean.