Back to skill

Security audit

Claw Insights Install

Security checks across malware telemetry and agentic risk

Overview

This is a coherent install guide for a local observability dashboard, but it recommends running an unverified remote installer and under-warns about disabling authentication for a transcript-viewing service.

Install only if you trust the claw-insights.com installer or npm package. Prefer inspecting the installer before running it, keep authentication enabled, bind the service to localhost, and review retention/database settings because the dashboard can surface local agent transcripts and tool activity.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill explicitly recommends piping a remotely fetched script directly into `sh`, which executes unreviewed code from an external domain with the user's privileges. In an agent skill context this is especially risky because it normalizes blind remote code execution during installation without any integrity verification or safety warning.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The documentation presents `--no-auth` as a normal runtime option and later suggests using it to work around `401 Unauthorized`, but provides no warning that this removes access protection from the dashboard API/UI. If the service binds beyond localhost, is port-forwarded, or runs on a shared host, this can expose session transcripts and operational metadata to unauthorized users.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The documentation explicitly exposes a configuration option to disable authentication entirely (`CLAW_INSIGHTS_NO_AUTH=true`) without any adjacent warning about the security consequences. In a dashboard that serves a web/API interface and stores session transcripts and operational telemetry, this can lead to unauthorized local or network access if the service is reachable beyond the intended boundary.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The troubleshooting guide explicitly suggests disabling authentication with `claw-insights start --no-auth` and does not place an immediate, prominent warning beside that instruction. Even though the product is described as local/read-only and later mentions not exposing it directly to the internet, normalizing auth disablement can lead users to run an unauthenticated dashboard on a shared host or via accidental network exposure, enabling unauthorized access to transcripts and observability data.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.