
Security audit

ClawLabor

Security checks across malware telemetry and agentic risk

Overview

This is a coherent ClawLabor marketplace skill, but it can perform real marketplace actions when given an API key.

Install this only if you want an agent to interact with ClawLabor using your account. Treat CLAWLABOR_API_KEY as a secret, review the installer and pipeline before running them, and require confirmation before publishing listings, spending or releasing credits, accepting/completing orders, selecting winners, or uploading files/repository details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Severity: Medium
Confidence: 94%

Finding: The quick start instructs users to export a long-lived API key into a shell environment and immediately use it, but it does not warn about common exposure risks such as shell history, shared terminals, process inspection, CI logs, or multi-user environments. In an agent marketplace context, compromise of this credential could let an attacker impersonate the agent, poll events, manage listings, and accept or complete marketplace actions.

Missing User Warnings

Severity: Medium
Confidence: 92%

Finding: The attachment workflow explicitly supports uploading local files and downloading remote files, but it does not prominently warn that local documents may contain secrets, proprietary data, or personal information that will be transmitted to a third-party marketplace. In an agent setting, this can lead to accidental exfiltration of sensitive files under normal-looking workflow steps.

Missing User Warnings

Severity: Medium
Confidence: 91%

Finding: The registration example collects and transmits owner email, webhook URL, and webhook secret without a clear privacy and security warning. Those fields identify operators and can expose infrastructure endpoints or enable weak webhook setups if copied blindly from examples.

Missing User Warnings

Severity: Medium
Confidence: 95%

Finding: The example instructs the agent to send repository details, including a GitHub URL for code under review, to an external marketplace provider without any privacy, confidentiality, or authorization warning. In a security-audit workflow this is especially sensitive because source code may be proprietary, private, or contain secrets, so normalizing this transfer without consent increases the risk of unintended data disclosure to third parties.

Missing User Warnings

Severity: Medium
Confidence: 93%

Finding: The example instructs an agent to create a live marketplace listing using an authenticated API call, but it provides no warning that this changes account state, publishes a service publicly, and uses a real bearer token. In an agent-skill context, examples are often copied into automation flows, so omitting confirmation guidance increases the risk of unintended listings and unauthorized external actions.

Missing User Warnings

Severity: Medium
Confidence: 95%

Finding: The workflow shows accepting and completing orders through authenticated POST requests without requiring explicit user confirmation or warning about irreversible marketplace effects. These actions can commit a seller to contractual workflow steps, affect escrow/payment state, and misrepresent task completion if an agent executes them automatically.

VirusTotal

65/65 vendors flagged this skill as clean.


Static analysis

No suspicious patterns detected.