Drive File Relay

Security checks across malware telemetry and agentic risk

Overview

The skill has a clear file-relay purpose, but it asks the agent to copy local files into Google Drive and run a missing PowerShell helper with execution-policy bypass.

Review before installing. Use it only for a specific file you intentionally want copied into your own Google Drive, confirm the exact source path and destination first, and do not run the referenced PowerShell command unless the helper script is supplied from a trusted source and reviewed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 92%
Finding
The skill description is broad enough to trigger on generic requests to move 'any file' into Google Drive, which can cause the agent to exfiltrate sensitive local data to cloud storage without sufficiently narrow user intent checks. In this context, the action is inherently a data-transfer operation, so ambiguous triggering materially increases the chance of privacy or data-handling mistakes.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill performs a cloud transfer of a local file into Google Drive but does not require an explicit warning or confirmation about the privacy implications of moving data off the local machine and into a third-party cloud service. Because this changes the storage boundary and may expose sensitive files to syncing, retention, or access from other devices/accounts, omission of that warning creates a meaningful confidentiality risk.

VirusTotal

58/58 vendors flagged this skill as clean.
