Clawdio

Security checks across malware telemetry and agentic risk

Overview

The core encrypted messaging library is broadly aligned with its purpose, but the package includes an under-disclosed launcher that can run an unreviewed background process from a hard-coded local path.

Review before installing or running. The cryptographic messaging code may be usable as a library, but avoid the included start script unless the hard-coded path, fixed IP/owner, missing run.js, detached background behavior, undeclared dependencies, and plaintext identity handling are fixed or clearly documented.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The code persists the long-term private key (`secretKey`) in plaintext JSON on disk via `fs.writeFileSync`, with no encryption, permission hardening, or user-facing disclosure. If the identity file is read through local compromise, backup leakage, shared filesystem access, or accidental exposure, an attacker can fully impersonate the agent to all peers and defeat the trust model.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal