Legal Data Plugin for OpenClaw

Security checks across malware telemetry and agentic risk

Overview

This legal research plugin is coherent and purpose-aligned, but users should handle its API key carefully before installing.

Install only if you are comfortable sending legal and compliance queries to Cleo Legal's hosted MCP service. Prefer storing CLEO_LEGAL_API_KEY in a password manager, OS keychain, or session-scoped environment variable instead of adding it permanently to ~/.zshrc or ~/.bashrc, and rotate the key if it is exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence: 93%
Finding
The README instructs users to place a live API key in a shell startup file, which creates long-lived credential persistence without warning about sensitivity, file permissions, or safer alternatives. This increases the chance of accidental exposure through dotfile syncing, shared accounts, backups, screenshots, or later shell environment leakage to subprocesses.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill directs persistent storage of a sensitive API key in both a config file and shell startup files, but does not clearly obtain informed user consent or explain the exposure tradeoffs of long-lived plaintext secrets. Writing the key into ~/.zshrc or ~/.bashrc increases accidental disclosure risk through shell history, backups, dotfile sync, screen sharing, or later command inspection.

Vague Triggers

Medium
Confidence: 93%
Finding
The trigger list includes a very broad condition, "Any question that benefits from grounded legal citations," which can cause the skill to activate for loosely related requests rather than clearly legal-regulatory ones. In an agentic system, over-invocation can route user queries to external tools unnecessarily, increasing the chance of irrelevant legal framing, unintended disclosure of user prompts to third-party services, and reduced reliability.

VirusTotal

61/61 vendors flagged this plugin as clean.
