Poe Api

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Poe API client that sends user-selected prompts to external AI models by design, with no evidence of hidden local access, persistence, or destructive behavior.

Install only if you are comfortable sending prompts, code, datasets, and search queries to Poe and selected model providers. Keep the Poe API key in the POE_API_KEY environment variable, monitor quota or billing, redact secrets and sensitive personal or proprietary data, and consider pinning the OpenAI dependency for controlled environments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 95%
Finding
The README promotes sending programming, design, analysis, search, and creative-task prompts to Poe and other routed models, but it does not clearly warn that user prompts, code, data, or other task content may be transmitted to external third-party AI providers. In an orchestration skill, this omission is security-relevant because operators may unknowingly send sensitive source code, credentials, proprietary documents, or personal data off-platform, especially since the skill advertises automatic model selection across 300+ models.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly encourages querying external AI models and performing web searches, but it does not warn that user prompts, code, datasets, or other task content may be transmitted to third-party providers through Poe. This can lead to inadvertent disclosure of sensitive or regulated data because users may assume the skill operates locally or under a single trusted boundary.

VirusTotal

64/64 vendors flagged this skill as clean.
