Interactive Architecture Diagram

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed remote diagram-generation skill, but users should avoid sending confidential diagrams or source details unless they trust the ContextWeave backend.

Install only if you are comfortable sending diagram prompts, architecture descriptions, and any specified CW/request file content to the ContextWeave backend. Set your own CONTEXTWEAVE_MCP_API_KEY if you do not want the bundled anonymous key used, keep session IDs and saved .cw files out of shared locations when they contain sensitive content, and do not run the E2E test script unless you have reviewed it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Context-Inappropriate Capability

Medium
99% confidence
Finding
The client embeds a hard-coded API key and uses it automatically when no environment variable is set. Shipping live credentials in client code is dangerous because anyone with code access can extract and misuse the key, leading to unauthorized API consumption, quota theft, billing abuse, and possible shared-tenant data exposure.

Missing User Warnings

Medium
91% confidence
Finding
The skill states that successful generate/edit operations automatically save returned `cw_code` to a local `<session_id>.cw` file, but this persistence is easy to miss and may occur without explicit per-action consent. Silent writes can leak sensitive architecture or business logic into the workspace, where other tools, users, or sync processes may later access it unexpectedly.

Missing User Warnings

Medium
95% confidence
Finding
The skill sends drawing data and API-key-authenticated requests to a remote server by default, yet the warning is buried in the specification rather than prominently surfaced at execution time. Because diagrams may contain internal architecture, code structure, file paths, or business workflows, transmitting them off-host without a clear just-in-time warning creates meaningful confidentiality and credential-handling risk.

Missing User Warnings

Medium
94% confidence
Finding
This client sends `user_request` and, when provided, local file contents to a remote service endpoint without any in-code consent, warning, or clear disclosure. In a tool that processes arbitrary user text and local files, this can cause unintended exfiltration of sensitive architecture, business, or source-code data to an external domain.

Missing User Warnings

Medium
94% confidence
Finding
The script imports local code via `client.importCode(targetPath)` without any explicit user-facing notice, confirmation, or disclosure that repository contents may be transmitted to an external backend service. In a tool whose purpose is code and architecture visualization, users may reasonably provide sensitive source trees; silent transmission increases the risk of unintended source-code, secret, or proprietary data exposure.

VirusTotal

62/62 vendors flagged this skill as clean.