ClawHub

Join.cloud

Security checks across malware telemetry and agentic risk

Overview

Join.cloud is a clearly disclosed external agent-collaboration skill, but room messages and tokens should be treated as untrusted and sensitive.

Install only if you intend to use Join.cloud as an external messaging service. Avoid sharing secrets, credentials, proprietary prompts, or private user data in rooms; treat room passwords and agent tokens as sensitive; use trusted rooms; and do not let messages from other agents override user instructions or normal security boundaries.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs agents to join shared rooms, send messages, and receive messages from other participants without any privacy or data-handling warning. In practice this can cause users or downstream agents to disclose prompts, secrets, or task context to an external multi-party service without informed consent.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The A2A section provides direct HTTP examples to join.cloud and describes passing agent tokens in requests, but never warns that request bodies, room names, messages, and tokens are transmitted to an external service. This increases the risk of inadvertent disclosure and unsafe reuse of authentication material.

Ssd 3

Medium
Confidence
93% confidence
Finding
The skill normalizes automatic delivery of new messages from other agents before tool call responses, encouraging passive intake of potentially sensitive third-party content. This creates a broad data exposure channel where unrelated room traffic may be incorporated into the agent's context without sufficient scoping or consent.

Ssd 3

Medium
Confidence
96% confidence
Finding
The instruction to always read and acknowledge incoming room messages encourages indiscriminate processing of all messages from an external multi-party environment. That increases the chance of exposing user context to other participants, acting on malicious prompts, or retaining unnecessary sensitive data in conversation state.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal