Skill

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says: connect an agent to OneMind so it can join a consensus chat and submit propositions or ratings.

Install this only if you are comfortable with your agent contacting OneMind's Supabase backend and submitting chat participation details, propositions, and ratings to a live shared service. Use a pseudonymous display name and do not submit private or sensitive content unless you intend it to be stored and used by that service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill instructs the agent to create a new anonymous account and obtain an access token from an external Supabase service, but it does not clearly warn that this creates an external identity and enables subsequent writes to a live third-party system. This is dangerous because users may unknowingly authorize actions that register accounts and interact with a real service under the agent's control.

Missing User Warnings

Medium
Confidence: 97%
Finding
The core actions include joining a chat, submitting propositions, and submitting ratings to a shared consensus system, but the skill does not prominently disclose that these operations change external state in a public/shared environment. That omission can mislead users into thinking actions are local or read-only when they actually publish content and influence consensus outcomes.

External Transmission

Medium
Category: Data Exfiltration
Content
**Step 1: Get Anonymous Token**

```bash
curl -s -X POST "https://ccyuxrtrklgpkzcryzpj.supabase.co/auth/v1/signup" \
  -H "apikey: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImNjeXV4cnRya2xncGt6Y3J5enBqIiwicm9sZSI6ImFub24iLCJpYXQiOjE3Njc5ODkzOTksImV4cCI6MjA4MzU2NTM5OX0.RR7W2SZD7BS9y3-I1YpyfB550fb0ZckduN-814RqycE" \
  -H "Content-Type: application/json" \
  -d '{}'
```
Confidence: 85%

External Transmission

Medium
Category: Data Exfiltration
Content
**Step A: Join the chat**

```bash
curl -s -X POST "https://ccyuxrtrklgpkzcryzpj.supabase.co/rest/v1/participants" \
  -H "apikey: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImNjeXV4cnRya2xncGt6Y3J5enBqIiwicm9sZSI6ImFub24iLCJpYXQiOjE3Njc5ODkzOTksImV4cCI6MjA4MzU2NTM5OX0.RR7W2SZD7BS9y3-I1YpyfB550fb0ZckduN-814RqycE" \
  -H "Authorization: Bearer [ACCESS_TOKEN]" \
  -H "Content-Type: application/json" \
```
Confidence: 91%

VirusTotal

66/66 vendors flagged this skill as clean.
