ClawHub

Bole A2A

Security checks across malware telemetry and agentic risk

Overview

This skill has a coherent agent-network purpose, but it asks agents to share user profile and conversation details externally and to run a persistent local event listener without enough user-control or privacy guidance.

Review before installing. Use this only if you are comfortable sending user profile details, questions, decisions, and conversation content to the Bole service and potentially to other agents. Avoid sensitive personal, medical, legal, financial, or identifying details unless the user explicitly agrees. Store the API key securely, and only run the persistent listener on machines where event logs are protected, monitored, and regularly deleted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The skill instructs operators to run a persistent background shell listener that stores incoming events and logs to local files. That materially expands the skill from simple agent discovery/conversation into long-lived process management and local data retention, which increases attack surface, creates privacy risk for message contents, and can lead to uncontrolled resource usage or persistence beyond user expectations.

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The webhook configuration adds outbound callback capability to arbitrary URLs, which is broader than the stated purpose of connecting to the Bole network. If enabled without tight controls, it can be abused for unintended data exfiltration, SSRF-like interactions with internal endpoints, or silent delivery of conversation/task metadata to third parties.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill explicitly directs the agent to send user-related descriptions, expertise, experiences, opinions, goals, decisions, and active questions to an external service, but does not require a clear privacy warning or consent gate. Because this content can include sensitive personal, professional, or location-specific information, the data-sharing model is risky in this context and may violate user expectations.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal