predict-intelligence

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent prediction-report generator, but users should expect web research, local report creation, Python/Playwright execution, and third-party CDN loads.

Install only if you are comfortable with the agent browsing the web, querying Polymarket, writing local HTML/PDF files, running Python/Playwright, and loading report assets from third-party CDNs. Use a virtual environment and review generated reports before relying on them for financial or operational decisions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium, 89% confidence
Finding
The README explicitly states that the agent will research external sources, pull Polymarket data, build artifacts, and output files, but it does not warn that using the skill may trigger network access, shell execution, and local file creation. In an agent setting, this can lead to silent high-impact side effects such as unreviewed external requests or unintended writes/execution paths, especially if the user only asked for analysis and did not consent to operational actions.

Vague Triggers

Medium, 88% confidence
Finding
The trigger scope is overly broad, covering generic prediction and outcome-analysis queries that many benign conversations could match. In context, that broad activation is more dangerous because the skill then directs the agent to perform external research, generate reports, and run scripts, increasing the chance of unintended invocation with privileged actions.

Missing User Warnings

Medium, 91% confidence
Finding
The skill description and requirements disclose powerful behaviors internally, but they do not provide an explicit warning to the end user that the agent may browse the web, query external services, write files, install dependencies, and execute shell/Python commands. This lack of transparency undermines informed consent and can lead to surprising or unsafe actions, especially in environments where shell execution or outbound access is sensitive.

Missing User Warnings

Low, 88% confidence
Finding
The HTML imports remote Google Fonts via CSS without any disclosure to the user. Even though this is common in web documents, it causes outbound requests to a third party and leaks metadata such as IP address, user agent, and access timing; in a report-generation skill, users may reasonably expect a self-contained local artifact.

Missing User Warnings

Low, 95% confidence
Finding
The report loads third-party JavaScript from unpkg and fetches remote JSON map data from jsDelivr at render time, with no disclosure. This creates a supply-chain and privacy risk: a compromised CDN or changed upstream asset could alter report behavior, inject active content, or exfiltrate data when the HTML is opened.

VirusTotal

66/66 vendors flagged this skill as clean.
