Relay Node

Security checks across malware telemetry and agentic risk

Overview

This instruction-only relay skill is coherent and purpose-aligned, but its relay and port-forwarding commands should be used carefully because they can expose network services.

Install only if you intend to manage relay nodes. Before running the relay or forwarding commands, confirm bind addresses, authentication, source allowlists, encryption, logging, and who can reach forwarded ports; prefer localhost-only or private-network exposure unless public access is explicitly approved.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium (86% confidence)
Finding
The skill documents multiple relay and proxy modes, including SOCKS5, HTTP proxying, TCP bridging, and WireGuard-over-TCP, but does not warn that traffic may traverse intermediary nodes or be exposed to logging, interception, policy bypass, or unintended trust expansion. In a networking/relay skill, this omission is security-relevant because operators may enable relays assuming transparent and safe forwarding without understanding that intermediate hosts become part of the trust boundary.

Missing User Warnings

Medium (91% confidence)
Finding
The skill presents commands to enable relay mode and configure port forwarding without any caution about opening proxy paths, exposing internal services, creating pivot routes, or affecting firewall and access-control posture. This is dangerous because users can quickly establish forwarding behavior that expands network reachability or creates an unintended proxy for lateral movement, especially in clustered or NAT-traversal scenarios.

VirusTotal

66/66 vendors flagged this skill as clean.
