Local Claw Skill Nest Client

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for a private skill repository, but it can install or update active agent skills with limited safeguards and has an unsafe Windows extraction path.

Use this only with a Skill Nest service you operate or strongly trust. Set an explicit local/private SKILLHUB_URL, use a unique scoped API key, avoid exposing the key in prompts or logs, and inspect downloaded skill packages before installing or updating, especially on Windows or with unusual skill names.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 89%
Finding: The skill documentation indicates it uses environment variables and network access, but it does not declare permissions explicitly. This can lead to under-scoped review and unsafe execution because operators may not realize the skill can read secrets and make outbound requests to a local/private service.

Missing User Warnings

Medium
Confidence: 95%
Finding: The skill instructs users to provide a SKILLHUB_API_KEY but gives no warning about credential sensitivity, storage, redaction, or logging. That increases the chance the key will be exposed in prompts, shell history, screenshots, logs, or mishandled by downstream tooling, enabling unauthorized access to the private Skill Nest.

VirusTotal

64/64 vendors flagged this skill as clean.
