ClawHub

Kuren

Security checks across malware telemetry and agentic risk

Overview

This skill clearly provides a Kuren identity with email and messaging access, but users should treat it like granting an agent a real communications account.

Install only if you want your agent to use a real Kuren identity, email address, messages, and local key material. Review recipients and message bodies before sending, be careful with mailbox-destructive actions, protect ~/.kuren/ on shared machines, and install the external kuren CLI only from a trusted Cargo source.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill description is broad enough to trigger on common communication-related tasks such as sending messages, reading email, or identity management, which can cause the agent to invoke a capability that performs external network actions. Because the skill provisions persistent identity and supports email and messaging, accidental invocation could lead to unintended account creation, outbound communications, or exposure of user data to third-party services.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill documents sending email and messages to arbitrary external recipients but does not warn that this transmits data outside the local environment. In an agent setting, this creates a meaningful exfiltration and unauthorized-communication risk if the skill is invoked without explicit user confirmation, recipient validation, or content review.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The setup flow generates cryptographic keys locally and stores them in ~/.kuren/ without sufficiently emphasizing the security implications of credential persistence on disk. On shared, ephemeral, or poorly secured systems, this can leave recoverable authentication material and persistent identity state that later processes or users may misuse.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal