ClawHub

Uno Cli

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent external-tool gateway, but it gives an agent broad authenticated access and exposes credentials too casually for automatic installation.

Install only if you trust clawdtools.uno and are comfortable routing tool queries and arguments through it. Treat login output, UNO_API_KEY, and ~/.uno/credentials.json as secrets; prefer a dedicated low-privilege account or API key; verify the API base URL; and require explicit confirmation before calls that spend credits, change keys, publish content, or modify third-party data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
81% confidence
Finding
The 'Use when' scope is extremely broad, covering generic external tools and real-time information requests, which makes the skill likely to be auto-selected for many unrelated prompts. Because the skill can search and invoke 2000+ external tools with authentication and network access, overbroad routing increases the chance of unnecessary data exposure or unintended third-party actions.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The documentation instructs users to store credentials in ~/.uno/credentials.json and prioritizes UNO_API_KEY from the environment, but it does not disclose the privacy, persistence, and exfiltration risks of local secret storage or transmission of prompts/data to external services. In an agent workflow, this omission can cause users or orchestrators to expose API keys and sensitive request content without informed consent.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal