Freelance Pilot

Security checks across malware telemetry and agentic risk

Overview

The skill’s local script is mostly benign, but its integration guide tells agents to run shell commands with pasted job text, which needs review before use.

Review before installing the integration snippet. The local Node script is small and purpose-aligned, but do not paste job descriptions into shell commands unless your agent passes arguments safely. Keep config.json free of secrets and private notes, and only enable the SOUL.md/AGENTS.md behavior if you want automatic analysis whenever you share a freelance listing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Low, 85% confidence
Finding
The integration instructs the agent to reference portfolio information from `config.json` when drafting proposals, but it provides no requirement to confirm that this data is non-sensitive or appropriate to disclose. In an agent context, this can lead to unintentional inclusion of private personal details, contact information, internal links, or other sensitive metadata in external client-facing messages.

Vague Triggers

Medium, 93% confidence
Finding
The SOUL.md guidance tells the agent to trigger on a very broad condition: whenever a user shares a freelance job post, it should always run the bid calculator first and critique the post. This can cause unsolicited tool invocation on ordinary conversation content, increasing the chance of unnecessary processing, misleading automation, and over-application of sales-oriented behavior to benign user input.

VirusTotal

66/66 vendors flagged this skill as clean.
