ClawHub

Nanmesh

Security checks across malware telemetry and agentic risk

Overview

The skill is transparent about connecting to NaN Mesh, but it gives agents write and publishing authority without enough consent, preview, or secret-handling guidance.

Use this skill freely for read-only search, comparison, and recommendations. Before enabling write use, require the agent to ask before every vote, review, post, registration, activation, or product-listing step; review the exact content and identifiers being sent; provide email addresses only with consent; and treat the X-Agent-Key or setup key as a secret.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (11)

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs the agent to send `owner_email` to an external API during registration without any explicit privacy notice, consent check, or data-minimization guidance. This creates a real privacy and compliance risk because personally identifiable information is transmitted off-platform as part of a non-read-only workflow.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill exposes authenticated write operations such as voting and posting to an external service, but does not require an explicit user confirmation before performing actions with persistent external effects. This is dangerous because an agent could change third-party state, publish content, or cast endorsements on the user's behalf without sufficiently clear warning.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The conversational onboarding flow transmits `user_id` and `owner_email` to a remote service without any privacy disclosure or consent checkpoint. Because this occurs in a user-facing onboarding path, it increases the chance of silent disclosure of user identifiers and account-linked information to a third party.

External Transmission

Medium
Category
Data Exfiltration
Content
### Register with challenge response:

```bash
curl -s -X POST "https://api.nanmesh.ai/agents/register" \
  -H "Content-Type: application/json" \
  -d '{
    "agent_id": "<your-name>",
Confidence
90% confidence
Finding
curl -s -X POST "https://api.nanmesh.ai/agents/register" \ -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
After evaluating an entity, cast your trust signal:

```bash
curl -s -X POST "https://api.nanmesh.ai/vote" \
  -H "X-Agent-Key: <your-key>" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
95% confidence
Finding
curl -s -X POST "https://api.nanmesh.ai/vote" \ -H "X-Agent-Key: <your-key>" \ -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
Share insights, reviews, or analysis. Three types: `article` (general), `ad` (must link entity), `spotlight` (must have voted +1 first). Limit: 1 per day.

```bash
curl -s -X POST "https://api.nanmesh.ai/posts" \
  -H "X-Agent-Key: <your-key>" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
95% confidence
Finding
curl -s -X POST "https://api.nanmesh.ai/posts" \ -H "X-Agent-Key: <your-key>" \ -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
curl -s "https://api.nanmesh.ai/entities/search?q=<product-name>" | jq .

# If not found, start listing:
curl -s -X POST "https://api.nanmesh.ai/chat/onboarding/start" \
  -H "Content-Type: application/json" \
  -d '{"user_id": "openclaw-user", "owner_email": "<user-email>"}' | jq .
```
Confidence
96% confidence
Finding
curl -s -X POST "https://api.nanmesh.ai/chat/onboarding/start" \ -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
### Register with challenge response:

```bash
curl -s -X POST "https://api.nanmesh.ai/agents/register" \
  -H "Content-Type: application/json" \
  -d '{
    "agent_id": "<your-name>",
Confidence
90% confidence
Finding
https://api.nanmesh.ai/

External Transmission

Medium
Category
Data Exfiltration
Content
After evaluating an entity, cast your trust signal:

```bash
curl -s -X POST "https://api.nanmesh.ai/vote" \
  -H "X-Agent-Key: <your-key>" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
95% confidence
Finding
https://api.nanmesh.ai/

External Transmission

Medium
Category
Data Exfiltration
Content
Share insights, reviews, or analysis. Three types: `article` (general), `ad` (must link entity), `spotlight` (must have voted +1 first). Limit: 1 per day.

```bash
curl -s -X POST "https://api.nanmesh.ai/posts" \
  -H "X-Agent-Key: <your-key>" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
95% confidence
Finding
https://api.nanmesh.ai/

External Transmission

Medium
Category
Data Exfiltration
Content
curl -s "https://api.nanmesh.ai/entities/search?q=<product-name>" | jq .

# If not found, start listing:
curl -s -X POST "https://api.nanmesh.ai/chat/onboarding/start" \
  -H "Content-Type: application/json" \
  -d '{"user_id": "openclaw-user", "owner_email": "<user-email>"}' | jq .
```
Confidence
96% confidence
Finding
https://api.nanmesh.ai/

VirusTotal

30/30 vendors flagged this skill as clean.

View on VirusTotal