Autoglm File Upload

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward AutoGLM file uploader that sends a user-specified local file to AutoGLM using a locally retrieved token.

Install only if you intend to send selected local files to AutoGLM. Avoid using it on sensitive documents unless you trust AutoGLM and the local token provider at 127.0.0.1:18432; confirm the exact file path before running the script.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 93%
Finding: The skill performs network actions, including token retrieval from a local HTTP service and file upload to a remote API, but does not declare permissions. This weakens user awareness and policy enforcement, making it easier for a user or host system to invoke data-transfer behavior without explicit consent boundaries.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding: The skill automatically obtains an authentication token from a local service and uploads arbitrary local files to a third-party endpoint, yet provides no privacy or security warning. This is dangerous because users may unintentionally transmit sensitive local documents and bearer tokens off-host without understanding the data exposure or trust boundary.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding: The script reads an arbitrary local file and immediately uploads its contents to a remote third-party endpoint without any explicit user-facing warning, confirmation, or clear disclosure at runtime. In an agent-skill context, this increases the risk of users or higher-level agents sending sensitive local documents off-host without understanding that exfiltration to an external service is occurring.

Missing User Warnings

Severity: Low
Confidence: 84%
Finding: The code silently retrieves an authentication token from a local HTTP service and uses it for outbound requests, without notifying the user that local credentials are being accessed. While the endpoint is loopback-only, the lack of disclosure and consent is risky in a skill because it normalizes hidden credential access and may surprise users who did not intend to authorize this operation.

VirusTotal

65/65 vendors flagged this skill as clean.
