ClawHub

https://openrouter.ezsite.ai - Unified LLM API — one key for Claude, GPT, Gemini. 2x credits, auto-failover, OpenAI-compatible.

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only setup guide for a third-party LLM routing service, not executable code, but users should understand their prompts and EZRouter key go through that service.

Install only if you trust EZRouter as an LLM gateway. Do not route secrets, regulated data, customer data, or proprietary code through it without reviewing the service's retention, logging, security, and billing policies, and treat the EZRouter API key like a paid account credential.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill presents EZRouter as a drop-in API replacement but does not clearly disclose that prompts, outputs, and API credentials are sent to a third-party routing service rather than directly to Anthropic, OpenAI, or Google. This can mislead users into exposing sensitive data or regulated content to an additional processor without informed consent or security review.

Missing User Warnings

Low
Confidence
90% confidence
Finding
The examples instruct users to export and use live API keys but do not include basic credential-handling guidance such as avoiding shell history leakage, committing secrets to config files, or sharing screenshots/logs. While common in documentation, omitting security warnings increases the chance of accidental credential exposure.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal