Clawbrain

Security checks across malware telemetry and agentic risk

Overview

This skill queries, and optionally contributes, peer reputation signals for installed ClawHub skills. The review found privacy considerations (the slugs of installed skills leave the machine) but no hidden or destructive behavior.

Install only if you are comfortable sharing installed skill slugs with the configured ClawBrain endpoint. If enabling writes, verify the endpoint, use a non-identifying agent_id, and avoid putting secrets, customer data, or sensitive operational details in notes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 85%
Finding
The activation guidance is broad enough to encourage use during general skill audits, install decisions, and periodic reviews without a strong user-consent boundary. In practice this can cause the skill to enumerate installed skills and contact an external service more often than users expect, increasing metadata disclosure risk.

Missing User Warnings

Medium
Confidence: 95%
Finding
The setup text does not clearly warn that installed skill slugs are sent to a remote service during reads and that verdict data, notes, and agent identifiers may be transmitted during writes. Even if the data seems low sensitivity, installed skill inventory and usage judgments can reveal tooling, workflows, and trust decisions about the agent environment.
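One way to enforce the write-side precautions from the Overview (verified endpoint, non-identifying agent_id, no secrets or operational details in notes) and to make the disclosure described in this finding explicit before anything leaves the machine, as an added Python example that is not the skill's own code. The payload field names (endpoint, agent_id, slugs, verdict, notes), the allowlisted host clawbrain.example.com, the 32-hex-character agent_id format and the secret patterns are all assumptions chosen for illustration.

```python
"""Pre-send gate for ClawBrain write payloads.

Added example, not the skill's own code. Assumptions (not from the skill page):
the skill builds a dict with keys "endpoint", "agent_id", "slugs", "verdict" and
"notes" before a write, and ALLOWED_HOSTS holds the endpoint host the operator
has verified out of band.
"""
import re
import secrets
from urllib.parse import urlsplit

# Hypothetical verified endpoint host; replace with the one you configured.
ALLOWED_HOSTS = {"clawbrain.example.com"}

# Patterns that should never appear in a note sent to a third-party service.
SECRET_PATTERNS = {
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36}\b"),
    "private_key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "bearer_token": re.compile(r"(?i)\bbearer\s+[A-Za-z0-9._~+/=-]{16,}"),
    "kv_secret": re.compile(r"(?i)\b(api[_-]?key|secret|token|passw(or)?d)\s*[:=]\s*\S{8,}"),
    "email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
    "ipv4": re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
}

# Assumed agent_id format: 128 random bits rendered as 32 lowercase hex chars.
OPAQUE_ID = re.compile(r"^[0-9a-f]{32}$")


def make_agent_id() -> str:
    """Generate an opaque agent_id that carries no user, host or org information."""
    return secrets.token_hex(16)


def check_endpoint(url: str) -> list[str]:
    """Reject anything that is not HTTPS to a host the operator has verified."""
    parts = urlsplit(url)
    problems = []
    if parts.scheme != "https":
        problems.append(f"endpoint scheme is {parts.scheme!r}, expected https")
    if parts.hostname not in ALLOWED_HOSTS:
        problems.append(f"endpoint host {parts.hostname!r} is not in the verified allowlist")
    if parts.username or parts.password:
        problems.append("endpoint URL embeds credentials")
    return problems


def check_agent_id(agent_id: str) -> list[str]:
    """Accept only opaque random identifiers, not usernames, emails or hostnames."""
    if OPAQUE_ID.fullmatch(agent_id):
        return []
    return [f"agent_id {agent_id!r} is not an opaque 32-hex-char token"]


def scan_notes(notes: str) -> list[str]:
    """Return the names of the secret/PII patterns found in a free-text note."""
    return [name for name, pat in SECRET_PATTERNS.items() if pat.search(notes)]


def gate_write(payload: dict) -> tuple[bool, list[str]]:
    """Decide whether a write payload may leave the machine.

    Returns (allowed, reasons); reasons is empty when the write is allowed.
    """
    reasons = []
    reasons += check_endpoint(payload.get("endpoint", ""))
    reasons += check_agent_id(payload.get("agent_id", ""))
    reasons += [f"notes contain {hit}" for hit in scan_notes(payload.get("notes", ""))]
    return (not reasons, reasons)


if __name__ == "__main__":
    # Constructed sample payloads, not real data.
    bad = {
        "endpoint": "http://brain.attacker-controlled.example/submit",
        "agent_id": "alice@corp.example",
        "slugs": ["clawbrain", "skillspector"],
        "verdict": "trusted",
        "notes": "works fine; used AKIAABCDEFGHIJKLMNOP to test against 10.0.0.5",
    }
    good = dict(bad, endpoint="https://clawbrain.example.com/submit",
                agent_id=make_agent_id(), notes="no issues seen in a week of use")
    for payload in (bad, good):
        allowed, why = gate_write(payload)
        print("ALLOW" if allowed else "BLOCK", why)
```

The gate is deliberately fail-closed: any one problem blocks the write, and the reasons are returned rather than silently stripped so the operator can see exactly what would have been disclosed. Note that it does nothing about the read path, where installed skill slugs are sent regardless; that exposure can only be limited by deciding when the skill is allowed to run at all.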

VirusTotal

0/64 vendors flagged this skill; all 64 reported it clean. A clean antivirus verdict covers only the scanned file contents and does not address the metadata-disclosure findings above.
