MLX Swift LM Expert

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only Swift ML skill whose network, cache, credential, and tool-calling examples fit its stated purpose.

Install is reasonable if you want Swift MLX reference material. When using the examples, pin trusted model revisions where practical, keep Hugging Face tokens out of source code, restrict remote media URLs, and require validation or confirmation before connecting model tool calls to file changes, account actions, payments, or public posting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence: 92%
Finding: The documentation shows executing model-generated tool calls directly via `toolCall.execute(with: weatherTool)` without an explicit safety warning that tool calls are untrusted model output and may cause side effects, external requests, or data access. In LLM tooling workflows, readers often copy examples verbatim, so this omission can normalize unsafe execution patterns and increase the chance of prompt-injection-driven or unintended tool invocation in downstream applications.

Missing User Warnings

Medium
Confidence: 92%
Finding: The skill explicitly states that models are downloaded automatically from Hugging Face but does not warn users that invoking the example will trigger outbound network access and retrieval of third-party artifacts. In an agent context, undocumented network access can violate user expectations, leak metadata such as IP/project usage, and introduce supply-chain risk from unreviewed remote model content.

Missing User Warnings

Medium
Confidence: 94%
Finding: The examples document `UserInput.Image.url(...)` and `UserInput.Video.url(...)` for file or remote URLs without cautioning that processing such inputs may cause the application to fetch attacker-controlled external resources. In agent or server environments this can enable SSRF-style behavior, unexpected egress, access to internal services, and privacy leaks through remote fetches.

VirusTotal

66/66 vendors flagged this skill as clean.