Clawriosity

Security checks across malware telemetry and agentic risk

Overview

The skill does what it says, but it asks users to put an API key into chat and keeps a long-term personalization profile without clear controls.

Review before installing. Use only a revocable Million Whys API key, prefer a platform secret store over pasting secrets into chat, and install only if you are comfortable with the skill saving a long-term curiosity profile. Look for ways to view, reset, or disable saved memory before relying on personalization.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
The skill explicitly instructs the agent to accept an API key pasted into chat and save it into environment/config. That expands the skill from simple content retrieval into credential handling, and storing secrets from conversational input can expose them through chat logs, debugging, prompt injection chains, or misuse by other tools sharing the same configuration scope.

Context-Inappropriate Capability

Medium
Confidence: 89%
Finding
The skill mandates long-term storage of detailed user behavior, including question history, interests, reactions, preferences, and inferred learning profile. This is more profiling than is strictly necessary for a curiosity feed and increases privacy risk if memory is exposed, retained too long, or repurposed beyond the user's expectations.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill tells users to paste a secret API key directly into chat and does not warn that conversation history may retain or expose that credential. Even if the key is intended for this service, collecting it via plain chat materially increases the chance of accidental disclosure, replay, or leakage to logs and memory systems.

VirusTotal

66/66 vendors flagged this skill as clean.
