Unformal Notifications

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says: it checks Unformal Pulse responses and can notify you locally, with some normal but important credential and install cautions.

Install only if you trust Spark Collective/unformal.ai with your Unformal API key and Pulse response data. Before running the downloaded listener, compare it with the bundled script or otherwise verify its source, prefer a scoped and rotatable API key, avoid putting secrets in shared transcripts, and periodically clean ~/.unformal/inbox if responses contain sensitive information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
The skill instructs users to download a script directly from `https://unformal.ai/unformal-listen.sh`, save it locally, mark it executable, and run it without any integrity verification or code review step. This creates a direct remote code execution path if the endpoint, hosting account, TLS termination, or upstream supply chain is compromised.

Missing User Warnings

Medium
Confidence: 96%
Finding
The installation flow fetches executable code from the internet and immediately prepares it for execution, but omits any warning that users should trust the publisher, inspect the code, or verify authenticity. In a skill that asks for an API key and installs a background listener, that omission materially increases the risk of credential theft or local compromise.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill tells users to persist `UNFORMAL_API_KEY` in `~/.zshrc` without warning that shell startup files may be readable by other local processes, exposed in backups, inherited by child processes, or accidentally printed during debugging. Persisting long-lived API credentials in plaintext increases the blast radius of local compromise and operational mistakes.

VirusTotal

65/65 vendors flagged this skill as clean.
