ClawHub

axihub-subscription

Security checks across malware telemetry and agentic risk

Overview

The skill mostly matches its AxiHub content-subscription purpose, but it asks for persistent credentials, mutable remote installation, and scheduled publishing/pulling that users should review carefully.

Review before installing. Prefer the registry-provided files over the remote auto-install script, store the AxiHub API key in a safer credential store if possible, enable scheduled tasks only if you want ongoing background pulls or publishing, and confirm how to pause/delete scheduled tasks and clean local AxiHub storage.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The setup persists the API key in shell startup files, which stores a sensitive credential in plaintext and causes it to be loaded into future shells automatically. If the account, home directory, backups, logs, or dotfiles are exposed, the credential can be recovered and used to access the AxiHub account and associated data.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The auto-install block downloads remote content and writes it directly into agent skill directories without integrity verification, pinning, or a strong warning that local files will be modified. This creates a supply-chain risk: if the remote host or transport path is compromised, an attacker could deliver altered skill files that the agent may later trust and execute as instructions.

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
## 📅 Scheduled Publishing

Users can create custom scheduled tasks to automatically publish content to their designated channels. When the task triggers, it automatically executes the user-defined instruction.

### Create a Publishing Task
Confidence
86% confidence
Finding
automatically execute

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal