ClawHub

Hospitable Ops

Security checks across malware telemetry and agentic risk

Overview

This skill appears legitimate for Hospitable operations, but it needs review because its write helper can make broad authenticated API requests beyond the documented calendar-only workflow.

Install only if you intend to give an agent access to your Hospitable account. Use a least-privileged token if possible, keep HOSPITABLE_BASE_URL pinned to Hospitable's official API, require human approval for every non-GET request, and protect any exported reservation or calendar JSON files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill description is very broad and includes many operational, debugging, automation, and cross-channel scenarios, which can cause the agent to invoke it for a wide range of Hospitable-related tasks without clear scoping constraints. In a skill that can drive API reads and non-price calendar writes, overbroad triggering increases the chance of unintended use in contexts the user did not explicitly authorize, leading to inappropriate operational changes or misuse of powerful automation paths.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This script accepts an arbitrary HTTP method, path, and optional body from command-line arguments and sends the request with the user's Hospitable bearer token. Because it targets a configurable endpoint and defaults to a production API base URL, it can be used to perform unintended authenticated read or write operations without any scope restriction, confirmation, or safety guardrails.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal