ClawHub

Nex.ai

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Nex CRM integration, but it can send sensitive conversation data to Nex and change or delete CRM data without strong user-confirmation guardrails.

Install only if Nex is an approved place for the conversations and CRM data you plan to share. Use a dedicated least-privilege API key, prefer read-only scopes unless writes are needed, redact secrets and regulated data before ingestion, and require manual confirmation before any delete, schema change, bulk update, or transcript upload involving sensitive people, customer, or business information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README explicitly encourages sending conversation content to Nex to extract entities and insights, but it does not warn users that transcripts may contain sensitive personal, business, or confidential information that will be transmitted to an external third-party service. This can lead to unintentional data disclosure, privacy violations, or policy noncompliance, especially because the skill’s purpose is organizational context aggregation from conversations.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill encourages sending conversation transcripts, meeting notes, and organizational context to a third-party API, which can include sensitive business or personal data. Although there is a general security section, there is no prominent user-facing warning or consent step immediately before such transmission, so agents may exfiltrate confidential data without sufficiently informed approval.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill exposes numerous delete operations, including permanently deleting records and object definitions, but does not clearly require confirmation or warn about irreversible consequences at the point of use. In an agent setting, this can lead to accidental or prompt-induced destructive actions against business-critical CRM data.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal