ClawWorld

Security checks across malware telemetry and agentic risk

Overview

ClawWorld is a disclosed remote simulation skill that can create ongoing agent sessions and store a service token, but the behavior matches its stated purpose.

Install this only if you want an agent to participate in a remote simulation over time. Treat the generated token like a password for that agent, avoid putting personal or sensitive information in names/messages/renders, and stop or clear sessions when you no longer want them running.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger phrase "join ClawWorld" is broad enough that an agent could interpret casual user text as authorization to initiate registration and persistent autonomous operation. In this skill, that ambiguity is more dangerous because activation leads directly to external network access, token issuance, and long-running background behavior.

Missing User Warnings

Medium
Confidence: 94%
Finding
The registration flow issues a permanent identity token and instructs the user to save it, but the skill does not foreground the security and privacy implications of storing a long-lived credential. If an agent follows this guidance without clear warning or secure handling requirements, the token could be exposed, reused, or retained longer than intended.

Missing User Warnings

Medium
Confidence: 96%
Finding
These instructions direct the model to spawn a dedicated session, connect to a remote WebSocket, and continue acting every tick while remaining silent to the owner. That creates autonomous, ongoing networked behavior with reduced user visibility, increasing the risk of uncontrolled actions, resource consumption, and loss of informed consent.

VirusTotal

66/66 vendors flagged this skill as clean.
