ClawHub

onionclaw

Security checks across malware telemetry and agentic risk

Overview

OnionClaw is a coherent dark-web OSINT skill, but it asks for high-impact Tor, LLM, persistence, and setup authority while the executable scripts it references are not included for review.

Review the upstream OnionClaw code before running any referenced scripts. Avoid automatic setup unless you understand the Tor service and torrc changes, use private access-controlled output directories instead of shared /tmp paths, clear or disable watches when finished, and do not send leaked credentials, PII, or internal company data to a remote LLM provider without authorization.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill supports watch jobs, output directories, and report export formats that persist potentially sensitive investigation targets, fetched content, and alerts to local disk, but it does not prominently warn users before those writes occur. This can expose sensitive OSINT subjects, leaked credentials, or investigative artifacts to other local users, backups, or endpoint monitoring systems.

Missing User Warnings

High
Confidence
97% confidence
Finding
The LLM analysis features process raw fetched dark-web content and investigation data, yet the documentation does not clearly warn that this material may be transmitted to an external model provider when a remote API-backed LLM is configured. That creates a serious risk of unintentional disclosure of sensitive intelligence, leaked data, PII, or investigative context outside the local environment.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal