KPLC Sentinel

Security checks across malware telemetry and agentic risk

Overview

This looks like a real electricity-tracking skill, but it can create persistent reminders/calendar entries and steer payment flows without clear confirmation rules.

Install only if you are comfortable storing household electricity, location/area, appliance, budget, and top-up history locally. Before use, confirm that calendar/reminder creation and any payment handoff require your approval, and be careful with the reset command because it clears profile data immediately.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill instructs the agent to automatically schedule reminders for outages without first obtaining explicit user consent. Creating reminders modifies user state and may reveal sensitive household/location patterns through scheduled artifacts, so doing it silently violates user expectations and can lead to unwanted actions.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill directs automatic calendar event creation when outages are detected, again without confirmation. Calendar writes are side-effecting actions that can expose routines, clutter calendars, or create misleading entries if outage matching is wrong, so silent creation is unsafe.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill offers to initiate an M-Pesa payment when balance is critically low without an explicit payment safety warning or confirmation requirements. Payments are highly sensitive actions; a mistaken trigger, spoofed context, or social-engineering scenario could lead to unauthorized financial loss or pressure users into immediate transactions.

Natural-Language Policy Violations

Medium
Confidence: 92%
Finding
The skill hard-codes a specific persona, dialect, and speaking style ('casual English with occasional Sheng/Swahili flavor') without indicating that the user can choose or override it. This can create a poor or exclusionary user experience and may misalign with user expectations, accessibility needs, or enterprise policy, though it does not by itself enable code execution or data exfiltration.

Missing User Warnings

Medium
Confidence: 91%
Finding
The reset command immediately clears the user's profile and starts onboarding again without any confirmation, warning, or safeguard against accidental invocation. In a chat-driven interface, short commands like 'reset' or 'clear' are easy to trigger unintentionally or via ambiguous user input, causing loss of stored household and budgeting data and degrading service reliability.

VirusTotal

66/66 vendors flagged this skill as clean.
