security scanner

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed remote security-scanning API wrapper, but users should only submit code or repository data they are allowed to send to Claw0x.

Install only if you are comfortable with Claw0x receiving the scan target. Avoid direct code mode, pre-commit hooks, or CI scans for private or regulated code unless your organization approves that external processing, and use a dedicated revocable CLAW0X_API_KEY.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
Findings (29)

Lp3

Medium
Category
MCP Least Privilege
Confidence
98% confidence
Finding
The skill explicitly requires an environment secret (CLAW0X_API_KEY) and repeatedly sends repository URLs, code, and skill metadata to a remote API, yet the frontmatter declares only env requirements and no corresponding allowed tools or network permissions. This creates a permission-transparency failure: users may believe the skill performs local scanning while it actually depends on outbound network access and secret use.

Tp4

High
Category
MCP Tool Poisoning
Confidence
99% confidence
Finding
The skill markets itself as if it directly performs dependency, static, and permission analysis, but the content shows it proxies user inputs to api.claw0x.com and relies on CLAW0X_API_KEY. This mismatch is dangerous because users may submit sensitive code or internal repository locations under the false assumption of local or self-contained analysis.

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The implementation does not perform local multi-layer security analysis as described; it forwards submitted content to a remote Claw0x service. This is a security-relevant mismatch because users may provide proprietary code or skill content expecting an in-skill scan, while the data is actually transmitted off-box to a third party.

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The skill reads a secret from the environment and sends user-supplied scan targets, including raw code, dependency data, or skill content, to an external service. Even if done for legitimate scanning, this creates confidentiality and supply-chain risk when sensitive source code or internal metadata is exfiltrated without strong disclosure and trust controls.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The invocation guidance is broad enough to match many generic user requests about safety or auditing, increasing the chance the skill auto-triggers in contexts where the user did not intend to send code or repository data to an external service. Overbroad triggering is especially risky here because activation can lead to third-party transmission of sensitive inputs.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The 'When to Use' section contains vague natural-language triggers such as 'is this skill safe?' and 'check skill security,' which can overlap with ordinary advisory conversations. Because the skill sends inputs to a remote API, ambiguous routing can unexpectedly expose user data to a third party.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The direct code submission mode encourages users to send raw source code and SKILL.md content to the remote API but does not present a clear, proximate privacy and data-transmission warning at the point of use. This is dangerous because users may submit proprietary code, secrets, or internal logic without realizing it leaves their environment.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The primary quickstart examples immediately instruct users to POST repository information to the external API without a user-facing disclosure that code/repository data is being sent to a third-party service. Missing disclosure at the most prominent entry point materially increases the chance of accidental data exposure.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The code performs network transmission of potentially sensitive inputs without any runtime warning, consent prompt, or visible disclosure in the handler. In a security-scanning context, users are especially likely to submit confidential code, making silent upload materially risky.

External Transmission

Medium
Category
Data Exfiltration
Content
import requests

def vet_skill(repo_url):
    response = requests.post(
        'https://api.claw0x.com/v1/call',
        headers={
            'Authorization': f'Bearer {os.getenv("CLAW0X_API_KEY")}',
Confidence
87% confidence
Finding
requests.post( 'https://

External Transmission

Medium
Category
Data Exfiltration
Content
**Example**:
```typescript
async function reviewSkillSubmission(repoUrl) {
  const response = await fetch('https://api.claw0x.com/v1/call', {
    method: 'POST',
    headers: {
      'Authorization': `Bearer ${process.env.CLAW0X_API_KEY}`,
Confidence
87% confidence
Finding
fetch('https://api.claw0x.com/v1/call', { method: 'POST'

External Transmission

Medium
Category
Data Exfiltration
Content
const skills = await db.skills.findMany({ status: 'published' });
  
  for (const skill of skills) {
    const response = await fetch('https://api.claw0x.com/v1/call', {
      method: 'POST',
      headers: {
        'Authorization': `Bearer ${process.env.CLAW0X_API_KEY}`,
Confidence
87% confidence
Finding
fetch('https://api.claw0x.com/v1/call', { method: 'POST'

External Transmission

Medium
Category
Data Exfiltration
Content
```typescript
// Scan before installing skill
agent.onSkillInstall(async (skillUrl) => {
  const response = await fetch('https://api.claw0x.com/v1/call', {
    method: 'POST',
    headers: {
      'Authorization': `Bearer ${process.env.CLAW0X_API_KEY}`,
Confidence
88% confidence
Finding
fetch('https://api.claw0x.com/v1/call', { method: 'POST'

External Transmission

Medium
Category
Data Exfiltration
Content
const scans = await Promise.all(
  skills.map(async skill => {
    const response = await fetch('https://api.claw0x.com/v1/call', {
      method: 'POST',
      headers: {
        'Authorization': `Bearer ${process.env.CLAW0X_API_KEY}`,
Confidence
87% confidence
Finding
fetch('https://api.claw0x.com/v1/call', { method: 'POST'

External Transmission

Medium
Category
Data Exfiltration
Content
### Step 2: Scan Your First Skill (1 minute)
```bash
curl -X POST https://api.claw0x.com/v1/call \
  -H "Authorization: Bearer ck_live_..." \
  -H "Content-Type: application/json" \
  -d '{
Confidence
86% confidence
Finding
curl -X POST https://api.claw0x.com/v1/call \ -H "Authorization: Bearer ck_live_..." \ -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
# .github/workflows/security.yml
- name: Security Scan
  run: |
    RESULT=$(curl -X POST https://api.claw0x.com/v1/call \
      -H "Authorization: Bearer $CLAW0X_API_KEY" \
      -d '{"skill":"security-scanner","input":{"repo_url":"${{ github.repository }}"}}')
Confidence
86% confidence
Finding
curl -X POST https://api.claw0x.com/v1/call \ -H "Authorization: Bearer $CLAW0X_API_KEY" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
# Scan staged code
CODE=$(cat $FILES)
RESULT=$(curl -s -X POST https://api.claw0x.com/v1/call \
  -H "Authorization: Bearer $CLAW0X_API_KEY" \
  -d "{\"skill\":\"security-scanner\",\"input\":{\"code\":\"$CODE\"}}")
Confidence
94% confidence
Finding
curl -s -X POST https://api.claw0x.com/v1/call \ -H "Authorization: Bearer $CLAW0X_API_KEY" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
- name: Scan for vulnerabilities
        run: |
          RESULT=$(curl -X POST https://api.claw0x.com/v1/call \
            -H "Authorization: Bearer ${{ secrets.CLAW0X_API_KEY }}" \
            -H "Content-Type: application/json" \
            -d "{\"skill\":\"security-scanner\",\"input\":{\"repo_url\":\"https://github.com/${{ github.repository }}\"}}")
Confidence
86% confidence
Finding
curl -X POST https://api.claw0x.com/v1/call \ -H "Authorization: Bearer ${{ secrets.CLAW0X_API_KEY }}" \ -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
### Step 2: Scan Your First Skill (1 minute)
```bash
curl -X POST https://api.claw0x.com/v1/call \
  -H "Authorization: Bearer ck_live_..." \
  -H "Content-Type: application/json" \
  -d '{
Confidence
86% confidence
Finding
https://api.claw0x.com/

External Transmission

Medium
Category
Data Exfiltration
Content
**Example**:
```typescript
async function reviewSkillSubmission(repoUrl) {
  const response = await fetch('https://api.claw0x.com/v1/call', {
    method: 'POST',
    headers: {
      'Authorization': `Bearer ${process.env.CLAW0X_API_KEY}`,
Confidence
87% confidence
Finding
https://api.claw0x.com/

External Transmission

Medium
Category
Data Exfiltration
Content
# .github/workflows/security.yml
- name: Security Scan
  run: |
    RESULT=$(curl -X POST https://api.claw0x.com/v1/call \
      -H "Authorization: Bearer $CLAW0X_API_KEY" \
      -d '{"skill":"security-scanner","input":{"repo_url":"${{ github.repository }}"}}')
Confidence
86% confidence
Finding
https://api.claw0x.com/

External Transmission

Medium
Category
Data Exfiltration
Content
const skills = await db.skills.findMany({ status: 'published' });
  
  for (const skill of skills) {
    const response = await fetch('https://api.claw0x.com/v1/call', {
      method: 'POST',
      headers: {
        'Authorization': `Bearer ${process.env.CLAW0X_API_KEY}`,
Confidence
87% confidence
Finding
https://api.claw0x.com/

External Transmission

Medium
Category
Data Exfiltration
Content
# Scan staged code
CODE=$(cat $FILES)
RESULT=$(curl -s -X POST https://api.claw0x.com/v1/call \
  -H "Authorization: Bearer $CLAW0X_API_KEY" \
  -d "{\"skill\":\"security-scanner\",\"input\":{\"code\":\"$CODE\"}}")
Confidence
94% confidence
Finding
https://api.claw0x.com/

External Transmission

Medium
Category
Data Exfiltration
Content
```typescript
// Scan before installing skill
agent.onSkillInstall(async (skillUrl) => {
  const response = await fetch('https://api.claw0x.com/v1/call', {
    method: 'POST',
    headers: {
      'Authorization': `Bearer ${process.env.CLAW0X_API_KEY}`,
Confidence
88% confidence
Finding
https://api.claw0x.com/

External Transmission

Medium
Category
Data Exfiltration
Content
- name: Scan for vulnerabilities
        run: |
          RESULT=$(curl -X POST https://api.claw0x.com/v1/call \
            -H "Authorization: Bearer ${{ secrets.CLAW0X_API_KEY }}" \
            -H "Content-Type: application/json" \
            -d "{\"skill\":\"security-scanner\",\"input\":{\"repo_url\":\"https://github.com/${{ github.repository }}\"}}")
Confidence
86% confidence
Finding
https://api.claw0x.com/

VirusTotal

65/65 vendors flagged this skill as clean.
