builder-data

Security checks across malware telemetry and agentic risk

Overview

This is a read-only documentation skill for Talent Protocol and optional GitHub lookups, with disclosed credential use and no hidden code or persistence.

Install only if you are comfortable with an agent querying Talent Protocol and optionally GitHub for identity-linked builder data such as handles, wallets, location, credentials, and public repo activity. Use least-privilege tokens, prefer no-scope GitHub tokens for public data, keep credentials in environment/secret storage, and avoid broad people-search or wallet-to-identity lookups unless you have a legitimate reason.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Context-Inappropriate Capability

Medium
Confidence: 90%
Finding:
The GitHub Enrichment section expands the skill from querying Talent Protocol into broad third-party intelligence collection against GitHub, including activity, PRs, and repository README access. That scope expansion increases data exposure and can cause the agent to send user-derived identifiers to a separate service without clear necessity, consent, or minimization.

Context-Inappropriate Capability

Low
Confidence: 86%
Finding:
Advising use of a separate GitHub token introduces an additional credential into the workflow that is outside the skill's core Talent Protocol function. This raises the risk of unnecessary secret handling, accidental credential reuse, or unauthorized access patterns if an agent starts requesting or storing GitHub tokens.

Missing User Warnings

Medium
Confidence: 95%
Finding:
The skill is explicitly designed to query and correlate identity/profile data across Talent Protocol and GitHub, including wallets, social handles, location, and credentials, but it does not warn users about the privacy and profiling risks of linking these datasets. This can enable unintended deanonymization, reputation-based profiling, and broad people-search use without clear user awareness or consent boundaries.

Missing User Warnings

Medium
Confidence: 77%
Finding:
The document instructs users to supply API tokens and transmit profile identifiers to third-party services, but it provides no warning about secure credential handling, token scoping, logging exposure, or privacy implications of identity enrichment. In an agent skill context, this omission can lead to accidental leakage of secrets or unexpected disclosure of user-linked identity data across services.

Missing User Warnings

Low
Confidence: 76%
Finding:
The examples show authenticated requests that transmit handles, profile IDs, and potentially linked wallet information to external APIs, but provide no warning about privacy implications or disclosure to third parties. In an agent setting, that omission can mislead users into sharing personal or linked identity data without informed consent.

External Transmission

Medium
Category: Data Exfiltration
Content:
```bash
curl -H "Authorization: token $GITHUB_TOKEN" \
  "https://api.github.com/users/{username}"
```

| API | Without token | With token |
Confidence: 71%
Finding: https://api.github.com/

VirusTotal

64/64 vendors flagged this skill as clean.