Freeapi

Security checks across malware telemetry and agentic risk

Overview

This is a working local OpenAPI client, but it gives the agent broad API-key handling and request-making power without adequate safeguards.

Install only if you are comfortable giving the agent broad API-client power. Use only official OpenAPI specs, inspect the target server and operation before each run, use least-privilege tokens, keep `.env` out of source control, and manually confirm any create, update, delete, billing, publishing, or sensitive-data request before the agent sends it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding
The skill explicitly directs the agent to ask users for API keys in chat and write them into a local `.env` file, but provides no safeguards about secure handling, masking, file permissions, accidental commits, or whether chat logs retain the secret. This creates a real credential-handling risk because it normalizes secret collection through the agent and encourages storage in a commonly exposed file format without warning.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding
The setup flow prompts users for API keys and writes them into a plaintext `.env` file in the current working directory without any warning, permission hardening, or guidance about safe handling. In shared directories, repositories, backups, or misconfigured systems, this can lead to accidental credential disclosure and subsequent account compromise.

Ssd 3

Severity: High
Confidence: 99%
Finding
The onboarding flow tells the agent to conversationally request API keys, save them, and confirm success, which normalizes collecting sensitive credentials through chat. In an agent environment this is especially dangerous because secrets may be exposed to logs, transcripts, tool traces, prompt history, or other skills, making credential theft or misuse materially easier.
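The safeguards the overview recommends and the three findings report as missing (owner-only `.env` permissions, a `.gitignore` check before a secret is written into a repository, masking the key in anything that reaches a log or transcript, and a human confirmation gate for mutating or sensitive requests), as an added Python example. This is not code from the Freeapi skill or from the scanner; the `FREEAPI_KEY` name, the sensitive-path patterns and the sample key are constructed for the example.

```python
import fnmatch
import os
import re
import stat
import tempfile
from pathlib import Path

# HTTP methods that must not change server state; everything else is treated as mutating.
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}

# Paths that warrant confirmation even for reads. Constructed for this example;
# tune to the operations in the target OpenAPI spec.
SENSITIVE_PATH_RE = re.compile(
    r"/(billing|invoices?|payments?|publish|secrets?|tokens?)(/|$)", re.IGNORECASE
)


def env_ignored(gitignore: Path) -> bool:
    """True if .gitignore has a pattern that excludes a top-level .env file."""
    if not gitignore.exists():
        return False
    for line in gitignore.read_text().splitlines():
        pat = line.strip()
        if not pat or pat.startswith("#") or pat.startswith("!"):
            continue  # comments and negations never protect the file
        if fnmatch.fnmatch(".env", pat.lstrip("/")):
            return True
    return False


def store_api_key(env_dir: Path, name: str, value: str) -> Path:
    """Append NAME=value to env_dir/.env with mode 0600.

    Refuses when env_dir is a git checkout whose .gitignore does not exclude
    .env, so the agent cannot stage a secret for an accidental commit.
    """
    if not re.fullmatch(r"[A-Z][A-Z0-9_]*", name):
        raise ValueError("env var name must be UPPER_SNAKE_CASE")
    if any(c in value for c in "\r\n\0"):
        raise ValueError("refusing to write a multi-line or NUL-containing secret")
    if (env_dir / ".git").exists() and not env_ignored(env_dir / ".gitignore"):
        raise PermissionError(".env is not in .gitignore; refusing to write a secret into a tracked tree")
    env_path = env_dir / ".env"
    # Create with 0600 from the first instant rather than chmod afterwards,
    # so there is no window in which the file is group- or world-readable.
    fd = os.open(env_path, os.O_WRONLY | os.O_CREAT | os.O_APPEND, 0o600)
    with os.fdopen(fd, "a") as fh:
        fh.write(f"{name}={value}\n")
    os.chmod(env_path, stat.S_IRUSR | stat.S_IWUSR)  # also tighten a pre-existing file
    return env_path


def mask_secret(value: str) -> str:
    """Form of the key that is safe to echo back in chat, logs or tool traces."""
    if len(value) <= 8:
        return "*" * len(value)
    return value[:2] + "*" * (len(value) - 6) + value[-4:]


def needs_confirmation(method: str, path: str) -> tuple[bool, str]:
    """(True, reason) when a human must approve the operation before the agent sends it."""
    m = method.upper()
    if m not in SAFE_METHODS:
        return True, f"{m} can create, update or delete server state"
    if SENSITIVE_PATH_RE.search(path):
        return True, f"path {path!r} touches billing, publishing or secret material"
    return False, ""


def demo() -> dict:
    """Run the helpers against a throwaway directory and return the observations."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        d = Path(tmp)
        (d / ".git").mkdir()  # simulate a checkout with no .gitignore yet
        try:
            store_api_key(d, "FREEAPI_KEY", "sk-live-0123456789abcdef")
            results["refused_without_gitignore"] = False
        except PermissionError:
            results["refused_without_gitignore"] = True
        (d / ".gitignore").write_text("# local config\n/.env\n")
        p = store_api_key(d, "FREEAPI_KEY", "sk-live-0123456789abcdef")
        results["mode"] = stat.S_IMODE(p.stat().st_mode)
        results["content"] = p.read_text()
    results["gate_get_users"] = needs_confirmation("get", "/v1/users")[0]
    results["gate_delete"] = needs_confirmation("DELETE", "/v1/users/42")[0]
    results["gate_billing"] = needs_confirmation("GET", "/v1/billing/history")[0]
    results["masked"] = mask_secret("sk-live-0123456789abcdef")
    return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v!r}")
```

The gate is deliberately method-first: an OpenAPI operation's `x-` extensions or summary can say anything, but the HTTP verb is what the server acts on, so a `POST` is always confirmed regardless of how the spec describes it. The path regex only adds confirmations on top of that and should be widened, never narrowed, for a specific API.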

VirusTotal

65/65 vendors reported this skill as clean.
