ClawHub

Uptime Kuma

Security checks across malware telemetry and agentic risk

Overview

The skill appears to manage Uptime Kuma as advertised, but it can use stored credentials to delete monitors or pause all monitoring without a confirmation step.

Install only if you are comfortable giving this skill an Uptime Kuma account that can change monitoring configuration. Prefer a least-privilege account, verify monitor IDs before changes, require human confirmation before delete or pause-all actions, and consider pinning or reviewing the uptime-kuma-api dependency.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger phrases are broad enough that the skill could activate on generic references to uptime, monitoring, or service health, increasing the chance of unintended use. In a skill that can pause, delete, or add monitors using stored credentials, accidental invocation can lead to unauthorized state changes or credential-backed actions without clear user intent.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill documents monitor deletion as a direct command without warning, confirmation, or rollback guidance. Because deleting monitors can remove critical health checks and operational visibility, a mistaken or socially engineered invocation could silently disrupt monitoring coverage.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The documented bulk pause workflow iterates over all monitor IDs and pauses every monitor with no warning about operational impact or confirmation barrier. In context, this can blind an organization’s monitoring during incidents or maintenance and is especially risky because it is easy to copy-paste and affects all monitored services at once.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The `delete` command performs irreversible monitor deletion immediately with no confirmation, dry-run, or secondary safety check. In an agent context, this increases the chance that ambiguous prompts, prompt injection, or user misunderstanding can trigger destructive actions that disrupt monitoring coverage and incident visibility.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal