GitHunt

Security checks across malware telemetry and agentic risk

Overview

GitHunt is a disclosed recruiting/search skill that queries the GitHunt API for GitHub developer profiles and contact fields, with privacy-use caveats but no hidden execution, persistence, credential use, or destructive behavior found.

Install only if you are comfortable sending search terms, locations, skills, and candidate usernames to githunt.ai and receiving developer profile/contact data. Use any emails or social handles in compliance with privacy law, platform terms, recruiting rules, and anti-spam requirements; avoid bulk unsolicited outreach or retaining more contact data than needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (19)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 91%
Finding: The skill documentation contains shell-capable examples (`curl`, pipes, `grep`, `jq`) but does not declare corresponding permissions. In an agent ecosystem, undeclared execution/network capabilities reduce transparency and can cause users or orchestrators to invoke outbound requests and shell processing without explicit consent or policy review.

Missing User Warnings

Medium
Confidence: 94%
Finding: The skill is explicitly designed to find, rank, and expose developer contact information for recruiting, yet it provides no privacy, consent, or responsible-use warning. That omission increases the risk of misuse for scraping, profiling, or unsolicited outreach using personal identifiers gathered from third-party sources.

Missing User Warnings

Medium
Confidence: 97%
Finding: The documented response schema includes personal identifiers and contact details such as name, location, company, email, website, and social handles, but no safeguards or handling requirements are described. In a talent-search context, aggregating and redistributing this data can facilitate doxxing, spam, or privacy violations if consumed by an automated agent.

Missing User Warnings

Medium
Confidence: 96%
Finding: The paid workflow markets bulk export of full candidate reports with contact information, but it lacks any warning about privacy, lawful use, or secure data handling. Bulk export materially raises abuse potential because it enables at-scale harvesting and redistribution of personally identifiable and contact data.

Missing User Warnings

Medium
Confidence: 95%
Finding: The script sends user-supplied search criteria (location, role, and skills) to a third-party API, but it does not clearly warn the operator at execution time that these inputs are being transmitted off-host. In an agent-skill context, users may assume a local search utility, so the lack of explicit disclosure creates a privacy and consent risk, especially for sensitive recruiting or profiling queries.

Missing User Warnings

Medium
Confidence: 95%
Finding: The skill description explicitly advertises access to developer contact information for recruiting and sourcing, but provides no privacy, consent, or acceptable-use guidance. In this context, the omission encourages downstream use of personal data for profiling and outreach without safeguards, increasing the risk of privacy abuse and spam.

Missing User Warnings

Medium
Confidence: 97%
Finding: The documented response schema includes sensitive personal fields such as email, website, location, company, and social handles, yet the skill provides no warning about handling, retention, minimization, or lawful use of that data. This makes the skill materially more dangerous because it normalizes aggregation of personally identifying information without guardrails.

Missing User Warnings

Medium
Confidence: 98%
Finding: The 'Outreach automation' integration idea promotes automated use of collected emails for contacting candidates but omits any mention of consent, rate limits, anti-spam controls, or privacy compliance. That creates a clear misuse path for unsolicited mass contact and targeted harvesting of developer personal information.

Missing User Warnings

Medium
Confidence: 93%
Finding: The script transmits user-provided search criteria to a third-party API but does not clearly warn users in its usage/help text that their inputs will be sent off-host. While external transmission is core to the skill's functionality, the lack of explicit disclosure creates a privacy and informed-consent issue, especially because location and hiring-related criteria may be sensitive in some environments.

External Transmission

Medium
Category: Data Exfiltration
Content:
Real-time streaming search that returns candidates as they're found. Returns **top 10 sample results** for free.

```bash
curl -N -X POST "https://api.githunt.ai/v1/rank/users/stream" \
  -H "Content-Type: application/json" \
  -H "Accept: text/event-stream" \
  -d '{
```
Confidence: 86%
Finding: `curl -N -X POST "https://api.githunt.ai/v1/rank/users/stream" \ -H "Content-Type: application/json" \ -H "Accept: text/event-stream" \ -d`

External Transmission

Medium
Category: Data Exfiltration
Content:
Get detailed score for a specific GitHub user.

```bash
curl -X POST "https://api.githunt.ai/v1/rank/user" \
  -H "Content-Type: application/json" \
  -d '{
    "username": "torvalds",
```
Confidence: 84%
Finding: `curl -X POST "https://api.githunt.ai/v1/rank/user" \ -H "Content-Type: application/json" \ -d`

External Transmission

Medium
Category: Data Exfiltration
Content:
### Find React Developers in Berlin (Streaming)
```bash
curl -N -X POST "https://api.githunt.ai/v1/rank/users/stream" \
  -H "Content-Type: application/json" \
  -H "Accept: text/event-stream" \
  -d '{"location": "berlin", "role": "frontend"}' 2>/dev/null | \
```
Confidence: 83%
Finding: `curl -N -X POST "https://api.githunt.ai/v1/rank/users/stream" \ -H "Content-Type: application/json" \ -H "Accept: text/event-stream" \ -d`

External Transmission

Medium
Category: Data Exfiltration
Content:
### Score a Specific Candidate
```bash
curl -s -X POST "https://api.githunt.ai/v1/rank/user" \
  -H "Content-Type: application/json" \
  -d '{"username": "sindresorhus", "skills": ["javascript", "typescript"]}' | jq
```
Confidence: 82%
Finding: `curl -s -X POST "https://api.githunt.ai/v1/rank/user" \ -H "Content-Type: application/json" \ -d`

External Transmission

Medium
Category: Data Exfiltration
Content:
Real-time streaming search that returns candidates as they're found. Returns **top 10 sample results** for free.

```bash
curl -N -X POST "https://api.githunt.ai/v1/rank/users/stream" \
  -H "Content-Type: application/json" \
  -H "Accept: text/event-stream" \
  -d '{
```
Confidence: 86%
Finding: `https://api.githunt.ai/`

External Transmission

Medium
Category: Data Exfiltration
Content:
Get detailed score for a specific GitHub user.

```bash
curl -X POST "https://api.githunt.ai/v1/rank/user" \
  -H "Content-Type: application/json" \
  -d '{
    "username": "torvalds",
```
Confidence: 84%
Finding: `https://api.githunt.ai/`

External Transmission

Medium
Category: Data Exfiltration
Content:
### Find React Developers in Berlin (Streaming)
```bash
curl -N -X POST "https://api.githunt.ai/v1/rank/users/stream" \
  -H "Content-Type: application/json" \
  -H "Accept: text/event-stream" \
  -d '{"location": "berlin", "role": "frontend"}' 2>/dev/null | \
```
Confidence: 83%
Finding: `https://api.githunt.ai/`

External Transmission

Medium
Category: Data Exfiltration
Content:
### Score a Specific Candidate
```bash
curl -s -X POST "https://api.githunt.ai/v1/rank/user" \
  -H "Content-Type: application/json" \
  -d '{"username": "sindresorhus", "skills": ["javascript", "typescript"]}' | jq
```
Confidence: 82%
Finding: `https://api.githunt.ai/`

External Transmission

Medium
Category: Data Exfiltration
Content:
```bash
echo ""

# Make streaming request and parse SSE
curl -s -N -X POST "$API_URL/rank/users/stream" \
  -H "Content-Type: application/json" \
  -H "Accept: text/event-stream" \
  -H "User-Agent: OpenClaw/1.0 (githunt-skill)" \
```
Confidence: 96%
Finding: `curl -s -N -X POST "$API_URL/rank/users/stream" \ -H "Content-Type: application/json" \ -H "Accept: text/event-stream" \ -H "User-Agent: OpenClaw/1.0 (githunt-skill)" \ -d`

External Transmission

Medium
Category: Data Exfiltration
Content:
```bash
echo ""

# Make request
response=$(curl -s -X POST "$API_URL/rank/users" \
  -H "Content-Type: application/json" \
  -H "Accept-Encoding: gzip" \
  -d "$payload" --compressed 2>/dev/null)
```
Confidence: 89%
Finding: `curl -s -X POST "$API_URL/rank/users" \ -H "Content-Type: application/json" \ -H "Accept-Encoding: gzip" \ -d`

VirusTotal

64/64 vendors flagged this skill as clean.