Asus Router

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Asus router administration skill with sensitive but purpose-aligned access to router credentials, local network data, diagnostics, and reboot controls.

Install only if you intend to let the skill administer your Asus router. Keep config.yaml out of source control, restrict its file permissions, prefer HTTPS local router access when available, avoid sharing raw/client JSON output, use presence detection only for devices you are authorized to track, and treat reboot as an explicit user-approved action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 89%
Finding: The skill clearly performs sensitive operations including network access, shell execution, file reads, and likely access to local configuration containing router credentials, yet it declares no permissions. That mismatch reduces transparency and prevents proper sandboxing or user review, which is especially risky because the skill manages a network router and can trigger actions such as diagnostics and reboot.

Missing User Warnings

Medium
Confidence: 95%
Finding: The setup instructs users to place the router admin password in a local YAML file without any warning about sensitivity, file permissions, secret storage, or exclusion from version control. Because these are administrator credentials for a router, exposure could allow an attacker to monitor the network, change settings, intercept traffic, disable protections, or reboot the device.

VirusTotal

66/66 vendors flagged this skill as clean.
