ClawHub

Cheat Code

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed external synthesis integration, but users should be careful because it can send task context to kenoodl.com.

Install only if you are comfortable with selected prompts, task context, and agent reasoning being sent to kenoodl.com for processing. Do not use it with secrets, credentials, regulated personal data, confidential business material, or proprietary source context unless you have approval and have reviewed the provider's data-handling practices.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README explicitly instructs users to provide a runtime token and states the agent will make outbound HTTP calls to retrieve information from an external service, but it does not clearly warn that user prompts, context, or other sensitive data may be transmitted off-platform. In an agent skill, this omission is security-relevant because users may unknowingly authorize exfiltration of proprietary or personal data to a third party whenever the agent decides it 'needs to think past what it knows.'

Vague Triggers

Medium
Confidence
89% confidence
Finding
The manifest description claims the skill makes the agent's talents 'limitless' and invites unconstrained use without defining when the skill should or should not be invoked. In agent ecosystems, broad activation language can cause over-selection of the skill, increasing exposure of sensitive prompts, context, or external calls to a third-party service whenever the router infers the skill might help.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The marketing copy says users can 'drop in your own thinking' and receive 'the move you couldn't see,' which frames the service as broadly applicable to arbitrary user problems rather than a constrained function. That ambiguity can encourage routing highly sensitive or unrelated content into the skill, making unnecessary external disclosure and overreach more likely.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The manifest description claims the skill makes an agent 'limitless' and invites users to 'tell your agent what you want' without any stated scope, boundaries, or trigger constraints. In an agent ecosystem, this kind of unconstrained capability framing can encourage over-broad invocation and unsafe delegation, especially when paired with network permission and broad model compatibility.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill explicitly instructs the agent to POST user/task context to an external service, which creates a real data exfiltration path from the agent environment to a third party. Although the text says not to include secrets, it also encourages sending the problem, current thinking, and what has been tried, which can easily contain sensitive business, personal, or proprietary information; the surrounding privacy claims are unverified and increase risk because they may cause over-trust.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal