Gbrain Multi-Agent Search

Security checks across malware telemetry and agentic risk

Overview

This is a coherent gbrain helper, but it deserves review because it can access and embed very private local content without enough scoping or privacy warning.

Install only if you deliberately want an agent to search this gbrain repository. Keep BRAIN_DIR narrow, exclude secrets and highly sensitive files, do not put real API keys in TOOLS.md, and verify the local gbrain code plus the embedding provider's retention and privacy terms before running sync, query, or embed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger list includes broad phrases like "gbrain," "personal knowledge," and generic search-related terms that can match ordinary user requests unrelated to this specific skill. Overbroad activation can cause the agent to invoke this skill unexpectedly and expose or operate on a sensitive local knowledge base containing personal notes, emails, and diary entries.

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill describes semantic search and embedding setup using an OpenAI-compatible API but does not clearly warn that content from the user's local knowledge base may be transmitted to an external service during embedding operations. Because the data sources explicitly include personal notes, emails, documents, and diary entries, users may unknowingly send highly sensitive content off-device.

External Transmission

Medium
Category
Data Exfiltration
Content
| `GBRAIN_DIR` | Path to gbrain source repo | `~/gbrain` |
| `BRAIN_DIR` | Path to brain content repo | `~/brain` |
| `OPENAI_API_KEY` | Embedding API key | `sk-...` |
| `OPENAI_BASE_URL` | Embedding API base URL | `https://api.openai.com/v1` |

### One-liner setup (add to TOOLS.md)
Confidence
88% confidence
Finding
https://api.openai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
```
export GBRAIN_DIR=~/gbrain
export BRAIN_DIR=~/brain
export OPENAI_API_KEY=your-key-here
export OPENAI_BASE_URL=https://api.openai.com/v1
alias gb="cd $GBRAIN_DIR && bun run src/cli.ts"
```
Confidence
90% confidence
Finding
https://api.openai.com/

VirusTotal

66/66 vendors flagged this skill as clean.
