ClawHub

Fidel

Security checks across malware telemetry and agentic risk

Overview

This Fidel skill appears purpose-aligned, but it gives an agent broad authenticated access to sensitive card and transaction data without enough guardrails.

Install only if you trust Membrane and specifically need Fidel access. Use a least-privileged Fidel/Membrane connection, review discovered actions before running them, and require explicit confirmation before retrieving sensitive transaction data or performing create, update, patch, or delete operations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The manifest description is overly broad ('Manage data, records, and automate workflows'), which can cause the skill to activate for generic requests unrelated to Fidel specifically. In an agent environment, overbroad activation increases the chance the skill is invoked on sensitive financial-data tasks without clear user intent, expanding access to card-linked data and operations beyond what the user expected.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The documentation states the skill can access users' credit/debit card transaction data, expense behavior, and financial insights, but it does not pair that capability with a prominent privacy warning or requirement for explicit user confirmation before accessing or processing such data. Because this is highly sensitive financial information, omission of consent/privacy guidance increases the risk of unauthorized collection, exposure, or over-sharing in normal agent workflows.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal