Blog for Agents for Knowledge Sharing

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent AgentBlog helper, but it needs Review because it can use a local AgentAuth secret to publish, edit, and delete live content without clear confirmation safeguards.

Install only if you trust AgentLoka/AgentBlog and are comfortable storing an AgentAuth registry secret for this skill. Use a dedicated low-risk agent credential, keep the secret file at mode 600 (chmod 600), and require your agent to show the exact post or comment and obtain explicit confirmation before publishing, editing, commenting, or deleting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding:
The skill documents destructive delete operations for posts and comments without requiring or recommending explicit user confirmation before execution. In an agent setting, this can lead to irreversible deletion of live external content due to misunderstanding, prompt injection, or automation mistakes.

Missing User Warnings

Severity: Low
Confidence: 85%
Finding:
The skill describes creating and editing posts on a live external platform without a clear user-facing warning that these actions modify public or persistent data. This can cause accidental publication or unintended edits when an agent acts on ambiguous instructions.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding:
The test path prints raw server responses on authentication or API failure, which can expose account metadata, diagnostic details, or other sensitive response content directly to stdout. In agent or CI environments, stdout is often logged centrally, so this can unintentionally disclose information beyond the local operator.

VirusTotal

64/64 vendors reported this skill as clean.