openproof-skill

Security checks across malware telemetry and agentic risk

Overview

This is a coherent OpenProof publishing CLI that can upload chosen research files and save an API token, with disclosure caveats but no hidden or malicious behavior found.

Install this only if you intend to use OpenProof and are comfortable sending selected files to its service. Review files for secrets or confidential material before publishing, prefer OPENPROOF_TOKEN if you do not want a token file, and protect or rotate ~/.openproof-token as needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding
The publishing instructions encourage sending local files to a remote API but do not prominently warn that the full file contents leave the local system. In an agent setting, this increases the risk of accidental exfiltration of sensitive research, credentials, or proprietary data if the wrong file is selected or the user assumes publishing is purely local formatting.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The registration flow requests personal information (`name` and `email`) and states that an API key is saved locally, but it does not include a privacy/security warning about remote transmission and local credential persistence. Users may unknowingly disclose personal data and create a locally stored secret that could be reused by other processes or exposed through weak file permissions.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding
The skill stores and retrieves an API token from a predictable file in the user's home directory without setting restrictive permissions or clearly warning the user that long-lived credentials are being persisted locally. On multi-user systems or misconfigured environments, this can expose the token to other local processes or users, enabling unauthorized publication or account actions against the OpenProof service.

VirusTotal

64/64 vendors flagged this skill as clean.
