3D Game Builder

Security checks across malware telemetry and agentic risk

Overview

The skill builds 3D browser games, but it also automatically publishes the generated game folder to a public hosting service without a clear per-run consent step.

Install only if you are comfortable with generated games being uploaded to a public here.now link by default. Avoid using private photos, secrets, proprietary text, or sensitive prompts with this skill, and review or remove progress.md and embedded assets before publishing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence: 97%
Finding
The skill says it outputs a single local HTML file, but it also instructs the agent to publish the generated build to an external here.now service. That creates an undisclosed outbound data flow and can expose user prompts, embedded assets, or copyrighted/private content beyond the local environment.

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
Publishing to a public live URL is not necessary for the core function of generating a browser game and therefore represents capability creep. Unnecessary external distribution increases the chance of accidental data exposure and violates least-privilege expectations for a build skill.

Missing User Warnings

High
Confidence: 98%
Finding
The instructions direct publication to a public URL without an upfront privacy warning or explicit consent checkpoint. Because game builds may include user-provided text, images, or generated content derived from private prompts, automatic publication materially increases the risk of unintended disclosure.

Ssd 3

Medium
Confidence: 96%
Finding
Requiring publication of the build to a shareable URL can expose embedded assets, user-supplied images, and prompt-derived content outside the local environment. In this skill context, that risk is elevated because the instructions explicitly encourage ingesting reference images and embedding them into the output.

Ssd 3

Medium
Confidence: 90%
Finding
The progress tracker stores the original user prompt and iteration history in /tmp/game-build/progress.md, which can retain sensitive or proprietary information longer than needed. Even if stored locally, persistent prompt logging increases exposure to later reads by other tools, users, or future runs.

VirusTotal

64/64 vendors flagged this skill as clean.
