Agent Threat Intelligence Exchange

Security checks across malware telemetry and agentic risk

Overview

This is a non-executing guide, but its examples do not adequately disclose that they perform authenticated live API actions which can create financial, contractual, and sensitive threat-intelligence records.

Review before installing or following the examples. Use only a verified sandbox or mock endpoint, do not connect production GreenHelix accounts, wallets, or private threat-intelligence feeds until API effects are clear, and require explicit budget limits and human approval for purchases, escrow, SLA, dispute, or data-sharing actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Severity: Medium
Confidence: 95%
Finding:
The guide explicitly states that no API key is required, but the provided client code requires an `api_key` and is designed to perform authenticated operations against a live external service. This mismatch can mislead users into running code under false assumptions, increasing the chance of unintended account use, credential prompting, or accidental creation of live financial artifacts such as wallets, escrows, and SLAs.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding:
The guide presents code that performs live network calls and operational actions such as wallet creation, deposits, escrow creation, SLAs, and disputes, but it lacks an explicit safety warning near the code. In this context, the omission is dangerous because users may treat the examples as passive snippets when they actually automate external transactions and can create real financial and contractual artifacts.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding:
The examples handle and transmit threat intelligence containing indicators such as IP addresses and email addresses, which may be sensitive or regulated personal data depending on jurisdiction and context. Without a clear warning, users may unknowingly process or export sensitive data to external services, increasing compliance, privacy, and information-handling risk.

VirusTotal

64/64 vendors flagged this skill as clean.