ClawHub

2O Human Verification

Security checks across malware telemetry and agentic risk

Overview

The skill is coherent and not deceptive, but it can send sensitive text, precise locations, photo requests, and paid API requests to outside human reviewers without enough consent or safety guardrails.

Install only if you are comfortable with selected content being sent to 2O and reviewed by outside humans. Configure the agent to ask before every submission, show the exact payload and cost, redact unnecessary personal or confidential details, avoid secrets or regulated data unless explicitly authorized, and do not use witness requests to observe people or private locations without consent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly encourages sending claims, draft responses, and observation requests to a third-party service staffed by humans, but it does not warn that user-provided content may contain sensitive, regulated, or confidential data. This can lead agents to transmit personal, medical, legal, financial, or otherwise private information without informed consent or data-minimization safeguards.

Missing User Warnings

High
Confidence
98% confidence
Finding
The witness-observation feature enables sharing physical addresses, GPS coordinates, and potentially photo requests with external human observers, yet the skill omits any warning about location privacy, stalking/surveillance risk, or consent requirements. In context, this is more dangerous than ordinary external transmission because it could expose a user's or third party's real-world location and images to strangers, creating material safety and privacy risks.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal