Deep Research

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed, paid research helper that forwards research queries to an external gateway. The scan found no evidence of hidden persistence, destructive behavior, or credential theft.

Install only if you are comfortable using a paid external research gateway. Treat all queries, URLs, and extracted pages as data that may be sent to the gateway and upstream providers such as Tavily or public research databases. Avoid using it for secrets, private business material, regulated personal data, or sensitive medical/legal/financial details unless you have confirmed the provider and cost controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 91%
Finding: The skill instructs the agent to invoke a shell helper (`bash .../scripts/research.sh`) and to make outbound network calls, but the manifest declares no corresponding permissions and offers no equivalent user-facing consent boundary. Because of that mismatch the skill can run with capabilities the platform or user never explicitly granted, which raises the risk of unintended data egress and command execution through the helper layer.

Vague Triggers

Severity: Medium
Confidence: 87%
Finding: The workflow is triggered by "When the user asks you to research a topic" and encourages use for general research, a trigger broad enough to match many ordinary user requests. Because the skill makes paid external calls and transmits user-supplied queries and URLs, broad invocation increases the chance of accidental activation, unnecessary spending, and disclosure of sensitive prompts to third-party services.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding: The skill describes numerous external endpoints and a helper for submitting queries and URLs, but it never prominently warns that user inputs, search terms, and extracted URLs are sent to external services such as Tavily and the research gateway. In a research-assistant context users may paste proprietary, personal, or regulated information, so the missing disclosure materially raises privacy and compliance risk.
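The three findings above are all checkable statically from the skill's instruction text and manifest. The following linter is an added example written for this page; it is not SkillSpector's code and not part of the Deep Research skill. The skill text and manifests are constructed, the manifest schema (a flat `permissions` list with `shell:exec` and `network:outbound`), the trigger phrases and the disclosure wording are assumptions, and the hosts use the reserved `.invalid` TLD so nothing resolves.

```python
import re

# Constructed sample skill instructions (not the real Deep Research skill file).
# Hosts use the reserved .invalid TLD so nothing here resolves.
SKILL_TEXT = """\
When the user asks you to research a topic, run:
  bash /skills/deep-research/scripts/research.sh "$QUERY"
The helper POSTs the query to https://gateway.example.invalid/v1/research
and may call https://search.example.invalid/extract for page extraction.
"""

# Hypothetical manifest schema: a flat list of declared capability strings.
MANIFEST = {"name": "deep-research", "permissions": ["filesystem:read"]}

# The same skill after the three findings are addressed (constructed).
HARDENED_TEXT = """\
Use this skill only when the user explicitly asks for a paid web research run.
Warning: your query, URLs and extracted pages are sent to an external research
gateway and third-party providers. Do not paste secrets or regulated data.
Run: bash /skills/deep-research/scripts/research.sh "$QUERY"
Gateway: https://gateway.example.invalid/v1/research
"""
HARDENED_MANIFEST = {
    "name": "deep-research",
    "permissions": ["filesystem:read", "shell:exec", "network:outbound"],
}

# Detection patterns (assumptions): a shell helper invocation, an outbound URL
# host, overly broad trigger phrasing, and a sentence disclosing transmission.
SHELL_RE = re.compile(r"\b(?:bash|sh|zsh)\s+\S+\.sh\b")
URL_RE = re.compile(r"https?://([A-Za-z0-9.-]+)")
BROAD_TRIGGERS = ("when the user asks you to research", "any research", "general research")
DISCLOSURE_RE = re.compile(
    r"\b(?:sent|transmitted|shared) (?:to|with) (?:an? )?(?:third|external)", re.I
)


def lint_skill(text, manifest):
    """Return (category, pattern, detail) tuples for the mismatches found."""
    findings = []
    perms = set(manifest.get("permissions", []))
    lowered = text.lower()
    hosts = sorted(set(URL_RE.findall(text)))

    # Finding 1: instructions use capabilities the manifest never declares.
    if SHELL_RE.search(text) and "shell:exec" not in perms:
        findings.append(("MCP Least Privilege", "Undeclared Capability",
                         "instructions invoke a shell helper but shell:exec is not declared"))
    if hosts and "network:outbound" not in perms:
        findings.append(("MCP Least Privilege", "Undeclared Capability",
                         "instructions call %s but network:outbound is not declared"
                         % ", ".join(hosts)))

    # Finding 2: a trigger that matches most ordinary research requests.
    for phrase in BROAD_TRIGGERS:
        if phrase in lowered:
            findings.append(("Vague Triggers", "Overly Broad Trigger",
                             "trigger phrase %r matches generic requests" % phrase))
            break

    # Finding 3: external endpoints with no disclosure that inputs leave the host.
    if hosts and not DISCLOSURE_RE.search(text):
        findings.append(("Missing User Warnings", "External Transmission",
                         "no warning that inputs are sent to %s" % ", ".join(hosts)))
    return findings


if __name__ == "__main__":
    for category, pattern, detail in lint_skill(SKILL_TEXT, MANIFEST):
        print(f"[{category} / {pattern}] {detail}")
    print("hardened findings:", lint_skill(HARDENED_TEXT, HARDENED_MANIFEST))
```

Run against the constructed skill text the linter reports all three findings (the least-privilege mismatch twice, once for the shell helper and once for the outbound hosts); run against the hardened text with a manifest that declares `shell:exec` and `network:outbound` it reports nothing. The point of the pairing is that the fix is partly manifest (declare what the helper actually does) and partly prose (a narrow trigger and an explicit transmission warning), and a static check catches both.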

VirusTotal

0/65 vendors flagged this skill; all 65 reported it clean.
