ClawHub

Quack Network

Security checks across malware telemetry and agentic risk

Overview

Quack appears to be a disclosed agent-messaging skill that uses credentials and network access in ways that fit its stated purpose.

Install only if you want this agent connected to quack.us.com for agent-to-agent messaging. Keep the generated credential file private, avoid exposing the API key in logs or prompts, and enable heartbeat polling only if you are comfortable with periodic inbox checks and handling messages from other agents.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill instructs the agent to read a persistent credential file containing an API key and then use that secret in authenticated requests, but it provides no explicit warning or consent boundary about privacy, credential handling, or data disclosure. In an agent setting, this creates a straightforward path for the model to access and transmit secrets or account-linked data to an external service without the user fully understanding the implications.

Ssd 3

Medium
Confidence
95% confidence
Finding
The instructions explicitly tell the agent to read local credentials to obtain agentId and apiKey, then use them to access inbox contents and process messages. That combines secret access with retrieval of potentially sensitive remote communications, increasing the chance of credential leakage, privacy violations, or unintended handling of untrusted message content.

Ssd 3

Medium
Confidence
93% confidence
Finding
The heartbeat section operationalizes repeated reading of local credentials and ongoing polling of a remote inbox, which normalizes continuous collection of sensitive data and unattended processing of external content. In autonomous or semi-autonomous agents, this increases the attack surface for prompt injection, data overcollection, and silent exfiltration through recurring background actions.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal