AI Compute

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed paid AI-compute gateway helper, with no evidence of hidden persistence, credential theft, or destructive behavior.

Install only if you trust the gateway and intend to make paid x402/USDC-backed compute calls. Keep RESEARCH_API_KEY scoped to this service, review each requested endpoint and payload before running it, and require explicit approval for deposits, refunds, prepaid-credit execution, batch jobs, video generation, or any high-cost workflow.
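The approval rule above (key scoped to one service, every endpoint reviewed, explicit sign-off for deposits, refunds, prepaid-credit execution, batch and video jobs) can be enforced in front of the agent rather than left to the README. The following is an added example written for this page; it is not the skill's or the gateway's own code. The gateway host, the endpoint path patterns, the read-only allowlist and the USDC cost ceiling are assumptions constructed to resemble the deposit/execute/refund endpoints the findings describe, and the `approve` hook stands in for whatever human-in-the-loop mechanism the agent runtime provides.

```python
"""Pre-execution gate for an agent's calls to a paid compute gateway.

Added example for this page; not the skill's or the gateway's own code.
GATEWAY_HOST, the endpoint patterns and the cost ceiling are assumptions
constructed to resemble the deposit/execute/refund endpoints the findings
describe. The RESEARCH_API_KEY value is passed in by the caller.
"""
import fnmatch
from dataclasses import dataclass
from typing import Callable, Optional
from urllib.parse import urlsplit

# Assumed gateway host; the API key is never attached to any other host.
GATEWAY_HOST = "compute-gateway.example"
# Assumed paths that move funds or start high-cost work: always need approval.
HIGH_RISK_PATTERNS = ("/deposit*", "/refund*", "/credits/execute*", "/batch/*", "/video/*")
# Assumed read-only endpoints an agent may call unattended.
READ_ONLY_PATHS = {"/models", "/balance", "/jobs/status"}
# Assumed per-call ceiling in USDC; anything above it needs a human decision.
COST_CEILING_USDC = 0.05


@dataclass(frozen=True)
class ToolCall:
    method: str
    url: str
    payload: dict
    est_cost_usdc: float = 0.0  # estimate supplied by the agent or a price table


@dataclass(frozen=True)
class Decision:
    allowed: bool
    needs_approval: bool
    reason: str


def key_allowed_for(url: str) -> bool:
    """True only when the request is bound for the gateway host over HTTPS."""
    parts = urlsplit(url)
    return parts.scheme == "https" and parts.hostname == GATEWAY_HOST


def auth_headers(url: str, api_key: str) -> dict:
    """Build the Authorization header, refusing to attach the key elsewhere."""
    if not key_allowed_for(url):
        raise ValueError(f"refusing to send RESEARCH_API_KEY to {urlsplit(url).hostname!r}")
    return {"Authorization": f"Bearer {api_key}"}


def approval_reason(call: ToolCall) -> Optional[str]:
    """Return why a call needs explicit approval, or None if it may run unattended."""
    path = urlsplit(call.url).path
    if any(fnmatch.fnmatch(path, pat) for pat in HIGH_RISK_PATTERNS):
        return f"financial or high-cost endpoint {path}"
    if call.est_cost_usdc > COST_CEILING_USDC:
        return f"estimated cost {call.est_cost_usdc} USDC exceeds ceiling {COST_CEILING_USDC}"
    # Anything that is not an allowlisted read-only GET gets reviewed.
    if call.method.upper() != "GET" or path not in READ_ONLY_PATHS:
        return f"{call.method.upper()} {path} is not on the read-only allowlist"
    return None


def gate(call: ToolCall,
         approve: Callable[[ToolCall, str], bool] = lambda call, reason: False) -> Decision:
    """Decide whether the agent may run the call; `approve` is the human-in-the-loop hook.

    The default hook denies, so an agent without a reviewer can only make
    allowlisted read-only GETs against the gateway.
    """
    if not key_allowed_for(call.url):
        return Decision(False, False, "target is not the gateway; key would leak")
    reason = approval_reason(call)
    if reason is None:
        return Decision(True, False, "allowlisted read-only call")
    if approve(call, reason):
        return Decision(True, True, f"approved by reviewer: {reason}")
    return Decision(False, True, f"blocked pending approval: {reason}")


if __name__ == "__main__":
    # Constructed sample calls.
    deposit = ToolCall("POST", f"https://{GATEWAY_HOST}/deposit", {"amount_usdc": 10})
    print(gate(deposit))  # blocked pending approval
    print(gate(ToolCall("GET", f"https://{GATEWAY_HOST}/models", {})))  # allowed
```

The gate fails closed in two independent ways: a request to any host other than the gateway is refused before the key is built, and any call that is not an allowlisted read-only GET is held until the `approve` hook says otherwise. Wiring the hook to a chat prompt or ticket is runtime-specific and is left to the caller.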

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 90%
Finding: The skill documents shell-based network access through curl/bash and requires API credentials, but it does not declare corresponding permissions. Hidden or undeclared capabilities reduce user visibility into what the skill can do and can enable unexpected outbound requests using supplied secrets. In a skill that sends requests to paid third-party compute services, that lack of transparency is security-relevant.
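The check behind this finding, observed capabilities versus declared ones, can be reproduced with a small diff over the skill's files. The block below is an added example written for this page, not SkillSpector's or the skill's own code. The capability names, the heuristic regexes, the sample README excerpt and the declared-permission set are all constructed for illustration; a real scanner would also walk scripts and the tool manifest rather than a single text.

```python
"""Compare the capabilities a skill's files actually use with those it declares.

Added example for this page, not SkillSpector's or the skill's own code. The
capability names, the heuristic regexes and the sample README are constructed
for illustration; a real scanner would also walk scripts and tool manifests.
"""
import re
from typing import Dict, Iterable, List, Set

# Heuristic signals, keyed by the capability a manifest would have to declare.
CAPABILITY_SIGNALS = {
    # outbound HTTP from shell or Python
    "network": re.compile(r"\b(curl|wget|httpx)\b|\brequests\.(get|post)\(|\bfetch\("),
    # arbitrary command execution
    "shell": re.compile(r"(^|\s)(bash|sh)\s+-c\b|\bsubprocess\.|\bos\.system\("),
    # reads of secret-looking environment variables
    "secrets": re.compile(r"\$\{?[A-Z][A-Z0-9_]*(KEY|TOKEN|SECRET)\}?|\bos\.environ\["),
}


def observed_capabilities(text: str) -> Dict[str, List[str]]:
    """Map each capability found in `text` to the numbered lines that evidence it."""
    found: Dict[str, List[str]] = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        for cap, pattern in CAPABILITY_SIGNALS.items():
            if pattern.search(line):
                found.setdefault(cap, []).append(f"{lineno}: {line.strip()}")
    return found


def undeclared_capabilities(text: str, declared: Iterable[str]) -> Set[str]:
    """Capabilities the text uses but the manifest does not declare."""
    return set(observed_capabilities(text)) - set(declared)


# Constructed sample README excerpt in the style the finding describes.
SAMPLE_README = """\
## Usage
Set RESEARCH_API_KEY, then submit a job:

    curl -s -H "Authorization: Bearer $RESEARCH_API_KEY" https://gateway.example/v1/execute -d @job.json
    bash -c './run_batch.sh'
"""

# Constructed manifest: only network access is declared.
SAMPLE_DECLARED = {"network"}

if __name__ == "__main__":
    for cap, lines in observed_capabilities(SAMPLE_README).items():
        print(cap, lines)
    print("undeclared:", sorted(undeclared_capabilities(SAMPLE_README, SAMPLE_DECLARED)))
```

Run against the constructed README, the scan reports `shell` and `secrets` as undeclared: the curl line is covered by the declared `network` capability, but the `$RESEARCH_API_KEY` read and the `bash -c` invocation are not. The regexes are deliberately coarse; the point is the diff, and a production scanner would trade them for a parser of the skill's actual manifest format.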

Vague Triggers

Severity: Low
Confidence: 80%
Finding: The README describes broad AI compute capabilities but does not define clear activation constraints, safe usage boundaries, or concrete trigger examples. In a skill that exposes 27 paid and potentially high-impact endpoints, ambiguous invocation scope increases the chance an agent will call tools in unintended contexts, including expensive or sensitive operations.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding: Although the README mentions micropayments later, the introduction does not clearly warn users that tool invocations can trigger real charges and paid external actions. Because this skill centers on paid compute and financial operations like deposits, execute, refund, and prepaid credits, insufficient upfront payment disclosure can lead to accidental monetary loss or unauthorized spending by an agent.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding: The skill prominently documents micropayment-backed and prepaid-credit endpoints, including deposit, execute, and refund actions, but does not provide a strong warning that these operations can incur real charges or affect balances. In this context, omission of billing safeguards is dangerous because an agent or user could trigger paid requests or deposits without understanding the financial consequences.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding: The skill prominently documents micropayment-backed and prepaid-credit endpoints, including deposit, execute, and refund actions, but does not provide a strong warning that these operations can incur real charges or affect balances. In this context, omission of billing safeguards is dangerous because an agent or user could trigger paid requests or deposits without understanding the financial consequences.

VirusTotal

65/65 vendors flagged this skill as clean.
