ClawHub

Pangolinfo Ai Serp

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Pangolin-powered Google search integration, with expected privacy tradeoffs around sending searches to Pangolin and caching an API key locally.

Install only if you are comfortable with Pangolin receiving your searches, follow-up prompts, and optional screenshot requests. Prefer providing a Pangolin API key instead of an account password, avoid confidential or regulated queries, and delete or rotate ~/.pangolin_api_key if you no longer want the cached credential on disk.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill explicitly instructs the agent to collect user credentials and write an API key to ~/.pangolin_api_key, creating persistent local storage of sensitive authentication material without a clear user consent prompt or warning about on-disk retention. This is dangerous because long-lived credentials can be exposed through local compromise, backups, misconfigured permissions, or use on shared systems.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The reference explicitly supports screenshot capture of search sessions and returns a screenshot URL, but it provides no warning that rendered page contents may include sensitive user-entered queries or other exposed data. In a skill that may be invoked with arbitrary user prompts, this can lead to unintended collection and external storage/transmission of sensitive information.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The API documentation instructs callers to send Google search URLs and follow-up prompts to Pangolin's external scraping service, but it does not clearly disclose that user-provided content leaves the local system and is processed by a third party. This creates a data-handling and privacy risk, especially for multi-turn prompts that may contain sensitive or proprietary information.

Missing User Warnings

Medium
Confidence
80% confidence
Finding
The skill sends search queries, follow-up prompts, and potentially sensitive user input to a third-party remote API, but it does not provide an explicit user-facing notice at runtime about that disclosure. In a search skill this behavior is expected, which lowers suspicion, but lack of transparency can still cause inadvertent privacy exposure if users submit confidential data.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal