Transform

Security checks across malware telemetry and agentic risk

Overview

This looks like a legitimate Membrane integration for TransForm, but it gives an agent broad live-account API authority without enough guardrails for writes, deletes, payments, or admin changes.

Install only if you intentionally want an agent to operate on TransForm through Membrane. Use a least-privileged account or non-production workspace where possible, verify the CLI package, and require explicit confirmation before any create, update, delete, export, payment, role, permission, workflow, backup, restore, deploy, or publish action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 88%
Finding
The skill description says to use the skill whenever the user wants to interact with TransForm data, which is broad enough to trigger in many contexts without clarifying risk, scope, or operation type. In a skill that can authenticate, search actions, run actions, and send proxy API requests, overbroad activation increases the chance the agent invokes a powerful integration without sufficient user confirmation or task narrowing.

Missing User Warnings

Medium
Confidence: 93%
Finding
These instructions tell the agent how to run actions and make direct proxy requests to the external API, including POST/PUT/PATCH/DELETE, but do not require warning the user that data may be transmitted, modified, or deleted. Because this skill is an integration layer with broad API reach, omission of an explicit consent/safety step materially raises the risk of unintended data exfiltration or destructive changes.

VirusTotal

63/63 vendors flagged this skill as clean.
