AgentScale

Security checks across malware telemetry and agentic risk

Overview

This is a coherent deployment tool, but using it will upload your project and use a locally stored API key.

Install only if you trust AgentScale and the npm package source. Run deploy from the intended project directory, review files for secrets first, keep AGENTSCALE_API_URL unset unless you deliberately trust the alternate endpoint, and require explicit approval before using any payment or credits command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill documents use of environment-variable configuration and network communication but declares no corresponding permissions, which creates a transparency and consent gap. In an agent setting, undeclared network and env access can cause users or orchestrators to approve a skill without realizing it can transmit data or be redirected via environment settings.

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
The skill is presented as a simple deployment utility, but it also performs account registration, persists an API key in the user's home directory, lists deployed services, and exposes billing/account operations. This mismatch is dangerous because users may invoke it expecting only deployment while it also handles credentials, local state, and account data with broader privacy and financial implications.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README repeatedly tells users to deploy the current directory and promises a public URL, but it does not explicitly warn that the project contents will be packaged and uploaded to an external hosting provider. This omission can cause users to unintentionally transmit source code, secrets, local config files, or internal assets if they run the command from a sensitive directory or without reviewing what will be included.

External Transmission

Medium
Category
Data Exfiltration
Content
To add credits, use the `agentspend pay` command:

```bash
agentspend pay https://api.agentscale.co/add-credits \
  --header "x-api-key:<your-api-key>" \
  --body '{"amount_cents": 500}'
```
Confidence
83% confidence
Finding
https://api.agentscale.co/

VirusTotal

53/53 vendors reported this skill as clean.
