Praesidia

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent Praesidia integration, but it can make live guardrail changes to agents without clearly requiring confirmation first.

Review this skill before connecting it to a production Praesidia account:
  • use a least-privilege API key;
  • keep PRAESIDIA_API_URL pointed at a trusted endpoint;
  • require the assistant to show any guardrail change and obtain confirmation before POSTing it;
  • test guardrails in staging where possible;
  • do not send confidential or regulated content for validation unless Praesidia's data handling is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings
Severity: Medium
Confidence: 89%
Finding: The README instructs assistants to apply guardrails that can BLOCK, REDACT, REPLACE, RETRY, or ESCALATE content, but it does not pair those actions with a clear warning that these controls can disrupt normal agent behavior, suppress valid requests, or alter user/agent traffic. Because an AI assistant may follow the skill operationally, this omission can lead to unreviewed policy changes with availability and integrity impact, especially when users ask to 'protect' an agent without understanding the side effects.

Vague Triggers
Severity: Medium
Confidence: 91%
Finding: The skill description contains very broad trigger phrases such as 'agent safety', 'guardrails', 'security policies', 'content moderation', and 'is this agent safe?', which can cause the skill to activate in many unrelated security conversations. Because the skill can make authenticated API calls and perform state-changing actions, overbroad invocation increases the chance of unintended data access or configuration changes in the wrong context.

Missing User Warnings
Severity: Medium
Confidence: 95%
Finding: The flagged section of the skill instructs the agent to issue a POST request that creates or modifies guardrail configuration without requiring an explicit confirmation step or warning the user that a persistent change will be made. In a conversational setting, ambiguous user phrasing or accidental skill invocation could therefore result in unauthorized or unintended security-policy changes affecting live agents.
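One way to implement the show-and-confirm gate that the overview recommends and that this finding says the skill lacks, as an added example that is not the skill's own code and not the Praesidia API. The endpoint path "/guardrails", the JSON payload shape, the bearer-token header, the pinned host names and the "prod-" agent-id heuristic are all assumptions made for illustration; only the action names come from the findings above. The HTTP client is replaced by a recording stand-in so the block runs offline.

```python
"""Confirmation gate for state-changing guardrail calls.

Added example: not code from the Praesidia skill or its API. The endpoint
path "/guardrails", the payload shape, the bearer-token header and the host
names are assumptions; only the action names (BLOCK, REDACT, REPLACE, RETRY,
ESCALATE) come from the scan findings.
"""
import json
from dataclasses import asdict, dataclass
from typing import Callable
from urllib.parse import urlparse

ALLOWED_ACTIONS = {"BLOCK", "REDACT", "REPLACE", "RETRY", "ESCALATE"}
# Actions that change what reaches the user or agent and so carry availability
# and integrity impact; they always get an explicit side-effect warning.
DISRUPTIVE_ACTIONS = {"BLOCK", "REDACT", "REPLACE"}
# Assumed pinned endpoints; a deployment lists its own staging/prod hosts here.
TRUSTED_HOSTS = {"staging.praesidia.example", "api.praesidia.example"}


class GuardrailChangeRejected(Exception):
    """Raised when a change must not be sent at all."""


@dataclass(frozen=True)
class GuardrailChange:
    agent_id: str
    action: str   # one of ALLOWED_ACTIONS
    rule: str     # free-text policy the guardrail enforces (assumed field)


def validate_api_url(url: str) -> str:
    """Accept only an HTTPS URL on a pinned host, so a tampered
    PRAESIDIA_API_URL cannot redirect an authenticated POST elsewhere."""
    parts = urlparse(url)
    if parts.scheme != "https":
        raise GuardrailChangeRejected(f"refusing non-HTTPS endpoint: {url}")
    if parts.hostname not in TRUSTED_HOSTS:
        raise GuardrailChangeRejected(f"refusing untrusted host: {parts.hostname}")
    if parts.username or parts.password:
        raise GuardrailChangeRejected("refusing credentials embedded in the URL")
    return url.rstrip("/")


def warnings_for(change: GuardrailChange) -> list[str]:
    """Build the warnings the user must see before the change is applied."""
    if change.action not in ALLOWED_ACTIONS:
        raise GuardrailChangeRejected(f"unknown guardrail action: {change.action!r}")
    notes = [
        f"Persistent change: agent {change.agent_id!r} will get a {change.action} "
        f"guardrail for rule {change.rule!r}; it stays in force until removed.",
    ]
    if change.action in DISRUPTIVE_ACTIONS:
        notes.append(f"{change.action} can suppress valid requests or alter "
                     "user/agent traffic for this agent.")
    if change.agent_id.startswith("prod-"):   # assumed naming convention
        notes.append("Target looks like a production agent; test in staging first.")
    return notes


def apply_guardrail_change(
    change: GuardrailChange,
    api_url: str,
    api_key: str,
    confirm: Callable[[str, list[str]], bool],
    post: Callable[[str, dict, dict], int],
) -> bool:
    """Show the exact payload and its warnings, and POST only on a positive
    confirmation. Returns True if the change was sent and accepted, False if
    the user declined; raises if the request must not be made at all."""
    base = validate_api_url(api_url)        # checked before anything is shown
    notes = warnings_for(change)
    payload = asdict(change)
    if not confirm(json.dumps(payload, indent=2), notes):
        return False                         # nothing leaves the process
    status = post(
        f"{base}/guardrails",
        {"Authorization": f"Bearer {api_key}", "Content-Type": "application/json"},
        payload,
    )
    return 200 <= status < 300


def recording_post() -> tuple[list[dict], Callable[[str, dict, dict], int]]:
    """Stand-in for an HTTP client so the example runs offline: records every
    call and answers 201. Swap in a real client when wiring this up."""
    calls: list[dict] = []

    def post(url: str, headers: dict, body: dict) -> int:
        calls.append({"url": url, "headers": headers, "body": body})
        return 201

    return calls, post


if __name__ == "__main__":
    calls, post = recording_post()
    change = GuardrailChange("prod-support-bot", "BLOCK", "no credential disclosure")

    def ask(summary: str, notes: list[str]) -> bool:
        print("Proposed guardrail change:\n" + summary)
        for n in notes:
            print("WARNING:", n)
        return input("Apply this change? [y/N] ").strip().lower() == "y"

    sent = apply_guardrail_change(change, "https://api.praesidia.example",
                                  "sk-example", ask, post)
    print("sent" if sent else "not sent", f"({len(calls)} request(s))")
```

The gate runs the endpoint check first, so a poisoned PRAESIDIA_API_URL is refused before any payload is rendered, and it refuses to fall back to a silent default when the user declines: a declined change makes no request at all.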

VirusTotal

61/61 vendors flagged this skill as clean.