Agent Pool

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a coherent agent registry skill, but it grants broad orchestration and shared-memory persistence without enough scoping or user approval controls.

Review this before installing in any workspace with sensitive data or autonomous agents. Use it only if you are comfortable with a global agent registry that documents memory paths and may guide agents to write into shared knowledge-base and system directories. Add explicit approval gates, per-agent caller rules, scoped write paths, and retention/provenance rules before using it for real orchestration.

SkillSpector (4)

By NVIDIA

Vague Triggers

Medium
Confidence: 90%
Finding
The skill description is triggered by very broad conditions such as querying the agent list, orchestrating new workflows, and onboarding agents. In an agent-routing environment, this can cause the skill to activate for many ordinary coordination requests, unnecessarily exposing a global registry of agents, memory paths, workspaces, and capabilities to unrelated tasks or causing unintended orchestration side effects.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly states that agent outputs are written to a local knowledge base and to the calling system's directory, but it provides no user-facing warning, consent boundary, or validation rules for what may be persisted. In this context, the file is a global agent pool and registry, so automatic writing behavior is more dangerous because many downstream agents and systems may inherit or act on persisted data, enabling accidental data leakage, poisoning of shared memory, or unauthorized modification of system state.

Vague Triggers

Medium
Confidence: 88%
Finding
Multiple agents are triggered by vague conditions such as 'CMO调度', '系统流程调用', or generic workflow stages, without clear authorization boundaries, input constraints, or approval checks. In an agent-pool registry that is used for orchestration, this ambiguity can enable unintended invocation, over-broad task execution, or privilege creep across agents and shared resources.

Missing User Warnings

Medium
Confidence: 92%
Finding
The registry explicitly states that the Researcher agent performs collection, cleaning, archiving, and writes results into a local knowledge base, while collected data is written to system data directories and the knowledge base is shared for all systems to read. Without user-facing warnings, consent controls, data classification rules, or write restrictions, this creates a real risk of silent data modification, cross-system data leakage, retention of sensitive material, and poisoning of shared knowledge used by other agents.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.
