Praesidia

Security checks across malware telemetry and agentic risk

Overview

This Praesidia skill is coherent, but it needs review because it can change live agent guardrails and send validation text to Praesidia without clear confirmation or privacy prompts.

Install only if you intend your assistant to use your Praesidia account for agent verification and guardrail management. Use a scoped API key, confirm any guardrail changes before applying them to production agents, and avoid sending confidential or regulated content for validation unless sharing it with Praesidia is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding: The README instructs the assistant to apply guardrails that can change blocking, redaction, replacement, or escalation behavior on a user's agent, but it does not require explicit user confirmation or warn that this is a configuration-changing action. In an agent skill context, this can cause unintended security or operational changes if the assistant treats a conversational request as authorization to modify production protections.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding: The content-validation flow tells the assistant to send arbitrary message content to Praesidia for analysis without warning that the submitted text leaves the local environment and may contain sensitive data. In a security skill, users may paste secrets, PII, regulated data, or proprietary prompts, so omission of a transmission/privacy notice materially increases disclosure risk.

Vague Triggers

Severity: Medium
Confidence: 80%
Finding: The trigger text is broad enough to match generic security-related queries such as 'is this agent safe?' or 'apply guardrails', which can cause the skill to activate outside narrow Praesidia-specific contexts. Overbroad routing can send unrelated user data or requests into this integration unnecessarily, increasing the chance of unintended external calls, confusion, or unauthorized actions against agent configurations.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding: The skill instructs the agent to perform a POST that changes guardrail configuration immediately, without requiring a confirmation step or warning the user that this modifies a live agent's security policy. That creates a real risk of unintended configuration changes, policy drift, or accidental disruption if the assistant misidentifies the target agent or the user's intent.
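The three controls the Overview recommends (narrow trigger, transmission notice with a sensitive-content pre-screen, explicit confirmation before a guardrail change) are easy to gate in front of the skill's outbound calls. The Python below is an added example written for this page; it is not the Praesidia skill's code and does not use the Praesidia API. The regex patterns, the `agent_id` / `action` / `environment` / `production_ack` fields, and the sample inputs are all assumptions made for illustration.

```python
import re
from dataclasses import dataclass, field

# Constructed patterns for data a user may paste into a validation request.
# Illustrative only; a real deployment would carry its own DLP rules.
SENSITIVE_PATTERNS = {
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "bearer_token": re.compile(r"(?i)\bbearer\s+[A-Za-z0-9._~+/-]{20,}"),
    "email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
    "us_ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
}

# Guardrail behaviours the findings say the skill can change on a live agent.
CONFIG_CHANGING_ACTIONS = {"block", "redact", "replace", "escalate"}


@dataclass
class Decision:
    allowed: bool
    reason: str
    warnings: list = field(default_factory=list)


def should_route_to_skill(query, explicit_invocation=False):
    """Narrow trigger (Vague Triggers finding): route only when the user names
    Praesidia or invokes the skill explicitly. Generic questions such as
    'is this agent safe?' or 'apply guardrails' do not activate it."""
    return explicit_invocation or "praesidia" in query.lower()


def screen_for_sensitive(text):
    """Names of sensitive-data patterns found in text about to leave the host."""
    return sorted(name for name, pat in SENSITIVE_PATTERNS.items() if pat.search(text))


def gate_validation_request(text, transmission_acknowledged, override_sensitive=False):
    """Second finding: text is sent to an external validator. Require an explicit
    acknowledgement that it leaves the local environment, and refuse content that
    looks like secrets or PII unless the user overrides after seeing the hits."""
    hits = screen_for_sensitive(text)
    warnings = [f"submitted text appears to contain: {h}" for h in hits]
    if not transmission_acknowledged:
        return Decision(False, "user has not acknowledged that the text is sent to Praesidia", warnings)
    if hits and not override_sensitive:
        return Decision(False, "sensitive content detected; redact it or give an explicit override", warnings)
    return Decision(True, "ok to submit", warnings)


def gate_guardrail_change(agent_id, change, confirmation):
    """First and fourth findings: a POST that alters a live agent's guardrails.
    The confirmation must name the same agent and the same action, and a
    production target needs a separate acknowledgement. `change` and
    `confirmation` are dicts with assumed keys, not the Praesidia schema."""
    action = change.get("action")
    if action not in CONFIG_CHANGING_ACTIONS:
        return Decision(False, f"unknown guardrail action {action!r}")
    if confirmation is None:
        return Decision(False, "configuration-changing action requires explicit user confirmation")
    if confirmation.get("agent_id") != agent_id:
        return Decision(False, "confirmation names a different agent than the request target")
    if confirmation.get("action") != action:
        return Decision(False, "confirmation does not match the requested action")
    if change.get("environment") == "production" and not confirmation.get("production_ack"):
        return Decision(False, "production guardrail change requires a production acknowledgement")
    return Decision(True, "confirmed; safe to apply")


if __name__ == "__main__":
    # Constructed sample inputs; the access key is a fake of the documented shape.
    print(should_route_to_skill("is this agent safe?"))  # False
    print(gate_validation_request("key AKIAABCDEFGHIJKLMNOP leaked?", True))  # blocked, warns about aws_access_key
    change = {"action": "block", "environment": "production"}
    print(gate_guardrail_change("agent-42", change, {"agent_id": "agent-42", "action": "block"}))  # blocked: no production_ack
```

The point of the two gate functions is that the assistant never treats the conversational request itself as the authorization: the confirmation object has to restate the target agent and the action, so a misidentified agent or a mismatched verb fails closed, and the validation path surfaces what was detected before anything is transmitted rather than after.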

VirusTotal

66/66 vendors reported this skill as clean (no detections).
