ZenVFX CLI

Security checks across malware telemetry and agentic risk

Overview

This is a coherent ZenVFX CLI helper, but it can use a saved token to change, upload, run, and delete assets in a ZenVFX workspace.

Install this only if you trust the ZenVFX CLI package source and need agent access to your ZenVFX workspace. Use a revocable token, avoid shared machines, and confirm the exact project, workspace, canvas, node ID, and file path before uploads, task runs, node removals, or file deletions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence: 82%
Finding
The manifest description includes very broad trigger phrases such as generic terms for canvas, node, and video generation, which can cause the skill to activate in situations broader than intended. In a skill that can authenticate, upload files, manipulate remote canvases, and delete files, over-triggering increases the chance of unintended high-impact operations being proposed or run.

Missing User Warnings

Medium
Confidence: 90%
Finding
The documentation advertises `file:rm --path <p>` as a deletion capability without any warning, confirmation requirement, or examples showing safe use. Because this skill manages remote project files and canvases, omission of guardrails can lead an agent to delete user assets or project data based on ambiguous prompts or mistaken paths.

Missing User Warnings

Low
Confidence: 76%
Finding
The skill instructs users to authenticate with a token and supports uploading local files, but provides no privacy or secret-handling guidance. This can lead to accidental exposure of sensitive local content or leakage of long-lived credentials through shell history, logs, screenshots, or unsafe prompt handling.

VirusTotal

64/64 vendors flagged this skill as clean.
