Clawhub Skill

Security checks across malware telemetry and agentic risk

Overview

This is a coherent LLM router guide, but its documented defaults could expose a provider-backed chat proxy and usage dashboard unless the user locks it down.

Review before installing. Only run the referenced npm project from a repository you trust, set ROUTER_API_KEY, bind HOST to localhost unless remote access is intentional, protect .env and upstreams.json, and avoid routing sensitive prompts to cloud providers unless you trust their retention and logging practices.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The skill instructs users to configure upstream providers and route prompts through the router, but it does not explicitly warn that prompt contents and related request metadata will be transmitted to local or third-party model endpoints. In an LLM routing skill, that omission is security-relevant because users may unknowingly send sensitive data to external services with different trust boundaries, retention policies, or compliance posture.

Missing User Warnings

Severity: Low
Confidence: 87%
Finding
The dashboard and usage endpoints are documented without warning that token usage metadata may be stored and exposed via local HTTP endpoints. Even if the data is only local, usage records can reveal sensitive operational patterns, tenant activity, or prompt volume and may be accessible if the service is exposed or weakly protected.

VirusTotal

66/66 vendors flagged this skill as clean.
