ClawHub

PrivateBin Upload Skill

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it uploads chosen content to a PrivateBin paste service, but users should treat every upload as external sharing.

Before using this skill, confirm the exact destination host and the exact content or file to upload. Avoid secrets, regulated data, proprietary code, or private reports unless you intentionally want them shared through that PrivateBin instance; prefer short expiry, password protection, or burn-after-reading for sensitive-but-shareable material.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The README suggests very broad natural-language triggers such as uploading reports, scripts, code, and files without stating boundaries or requiring confirmation before sending data to a third-party paste service. In an agent setting, this can cause over-broad activation and accidental exfiltration of sensitive content, especially because the destination may be an external PrivateBin instance.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README describes uploading content to 'any PrivateBin instance' but does not warn that data is transmitted to an external service and may contain sensitive text, code, reports, or files. In a skill designed specifically to move user content off-system, omission of this warning materially increases the risk of unintended disclosure and misuse.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly uploads user-provided content or files to a PrivateBin instance, which is an external service, but the description does not warn that data may leave the local environment. This can cause users to unknowingly transmit sensitive code, reports, credentials, or files off-system, especially because the skill is framed as a convenient sharing utility and may be invoked without an explicit privacy reminder.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger list contains broad phrases such as 'upload to paste', 'share via paste', and 'generate shareable link' that can match many ordinary user requests not specifically intended for PrivateBin. This can cause the skill to activate inappropriately and exfiltrate user-provided content to an external paste service when the user did not clearly request that action.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The description frames the skill as applicable to broad sharing scenarios like text, code, reports, files, burn-after-reading, password protection, and expiry-controlled sharing, which expands invocation scope beyond a narrowly defined tool. In an agent environment, this broad scope increases the chance that sensitive material will be routed to a third-party paste endpoint without sufficiently explicit user intent.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal