Pub Gemini

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed multi-provider API skill, but it gives agents broad third-party AI, email, and SMS powers without enough built-in scoping or consent guidance.

Install only if you want a broad SkillBoss API gateway, not just Gemini Q&A. Use a dedicated low-limit API key, avoid sending confidential documents, internal URLs, OTP codes, or personal contact data unless approved, and require explicit review before any email, SMS, batch, or paid generation call.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (7)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill documents email sending and SMS/OTP verification workflows that transmit recipient addresses, phone numbers, message content, and verification codes to an external service, but it provides no warning about third-party data handling or privacy implications. In a reusable agent skill, this omission can cause operators to send personal data off-platform without informed consent or appropriate review.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The document-processing and web-search examples encourage sending document URLs, prompts, and search queries to a remote aggregation API backed by multiple third-party providers, but the skill does not warn that sensitive content may leave the local environment. This is dangerous because users may submit confidential documents or proprietary prompts assuming the skill is local or single-provider.

External Transmission

Medium
Category
Data Exfiltration
Content
## Email

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
```
Confidence
86% confidence
Finding
```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{ "model": "email/send", "inputs": {"to": "us
```

External Transmission

Medium
Category
Data Exfiltration
Content
## Document Processing

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
```
Confidence
84% confidence
Finding
https://api.heybossai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
## Email

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
```
Confidence
86% confidence
Finding
https://api.heybossai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
Send OTP:

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
```
Confidence
88% confidence
Finding
https://api.heybossai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
Verify OTP:

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
```
Confidence
89% confidence
Finding
https://api.heybossai.com/

VirusTotal

VirusTotal findings are pending for this skill version.