Ai Content Creator

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real external API/media skill, but it needs Review because it can send user content to paid third-party services and invokes shell setup without clear disclosure.

Install only if you are comfortable with the agent contacting third-party paid APIs and potentially sending your prompts, URLs, fetched content, transcripts, or audio outside the local environment. Use non-sensitive inputs, confirm costs before paid calls, and prefer a dedicated limited wallet or account if x402 payments are enabled.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 94%
Finding:
The skill documentation indicates shell execution and outbound network access via `bash .../scripts/create.sh` and remote x402 endpoints, but no explicit permissions are declared. This creates a trust and review gap: operators may enable a skill without understanding that it can invoke shell commands and transmit data externally, increasing the risk of unintended command execution paths and data exposure.

Missing User Warnings

Medium
Confidence: 87%
Finding:
The README advertises web search, content extraction, and multimedia generation features that inherently imply sending prompts, URLs, fetched content, or uploaded media to external services, but it does not disclose that network access occurs or that user-provided content may be transmitted to third-party providers. This creates a real security and privacy risk because users may supply sensitive text, documents, or media under the assumption the skill is local or self-contained, leading to unanticipated data exposure.

Missing User Warnings

Medium
Confidence: 97%
Finding:
The skill encourages sending prompts, URLs, transcripts, and audio to external paid APIs but does not warn users that their supplied content will leave the local environment. In a content-creation context, users may submit proprietary drafts, customer data, unpublished marketing plans, or sensitive recordings, leading to confidentiality, compliance, and billing risks if transmitted without informed consent.

VirusTotal

65/65 vendors flagged this skill as clean.
