Multi-Agent AI Setup Guide

Security checks across malware telemetry and agentic risk

Overview

This documentation-only setup guide is coherent and not malicious, but it merits Review because it broadly advises disabling sandboxing while setting up persistent multi-agent memory and WhatsApp console mirroring.

Install only if you intentionally want this kind of powerful multi-agent setup. Keep sandboxing enabled unless you have a specific external-volume problem, use a dedicated memory vault with no secrets, review any related skills before installing them, and enable WhatsApp mirroring only for channels where logs and prompts are safe to forward.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding:
The skill recommends a WhatsApp bidirectional mirroring setup without an explicit privacy, retention, or data-sharing warning. This can expose sensitive console content, operational logs, prompts, secrets, or personal data to a third-party messaging service and to any device/account linked to that WhatsApp session.

Natural-Language Policy Violations

Severity: Medium
Confidence: 89%
Finding:
The guide gives a blanket instruction to never enable sandbox mode on macOS with an external drive, which encourages disabling an important isolation control without requiring a risk assessment or safer alternatives. In a setup guide for multi-agent systems that can access shared memory and external tools, normalizing sandbox disablement increases the blast radius of prompt injection, tool misuse, or agent error.

VirusTotal

62/62 vendors flagged this skill as clean.
