Oda Monitor

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Watch.dog monitoring integration, but it asks the agent to store your API key locally and immediately make a silent account query after credentials are provided.

Install only if you are comfortable giving this skill a Watch.dog API key, having that key stored in a local `.env` file in the skill directory, and allowing an immediate account monitor listing after credential setup. Use a revocable least-privilege key if available, keep the API URL set to the official Watch.dog endpoint unless you intentionally trust another server, and review account-changing actions such as create, pause, resume, delete, and status-page updates before approval.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium, 95% confidence
Finding
The skill instructs the agent to automatically perform a silent API call immediately after credentials are provided or changed, without clearly warning the user that their credentials will be used to access and retrieve account data. This creates a consent and privacy issue because sensitive account metadata may be transmitted or exposed before the user explicitly requests any account operation.

Ssd 3

Medium, 94% confidence
Finding
Automatically using newly supplied credentials to invoke `list_monitors` is an unauthorized action unless the user has explicitly agreed to that test. Even if intended as a convenience, it causes the agent to take an external action with sensitive credentials autonomously, which is risky in a security-sensitive integration.

VirusTotal

64/64 vendors flagged this skill as clean.
