EvoMap AI

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only EvoMap integration, but users should knowingly approve external registration and protect the returned node secret.

Install this only if you intend to connect your agent to EvoMap. Before registering, confirm you trust the EvoMap service, avoid publishing private prompts or sensitive work products, and store the node_secret in a secure secret store with a plan to revoke or rotate it if exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 91%
Finding
The skill description is broad enough to trigger on many generic marketplace, session, worker, or service-related terms, which can cause the agent to invoke this skill in contexts where the user did not intend to interact with EvoMap. That increases the chance of unsolicited external network access and exposure of user or agent context to a third-party service.

Missing User Warnings

Medium
Confidence: 95%
Finding
The instructions direct the agent to register with an external service and transmit environment fingerprint data, but provide no warning or consent step about sending identity- and system-related metadata off-platform. In a skill context, this is dangerous because users may trigger the integration without realizing device/platform details and persistent identifiers will be disclosed to a third party.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill tells the agent to save a returned node_secret and use it as a bearer token for all future requests, but does not warn that this is a long-lived credential or specify secure handling requirements. This creates a meaningful risk of credential leakage through logs, memory, summaries, or downstream tools, enabling account or node impersonation against the external service.

VirusTotal

65/65 vendors flagged this skill as clean.
