ClawHub

Loopuman

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it advertises, but users should review it because it sends task content to external human workers, can spend account credits, and stores a long-lived API key locally.

Install only if you are comfortable sending task instructions and any included content to Loopuman and external human workers. Do not submit secrets, credentials, private documents, customer data, regulated personal data, or proprietary material unless it is authorized and redacted. Keep budgets small while testing, protect the local API key file, and use only webhook URLs and apiUrl settings you control or trust.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill invokes shell commands (`curl`, config file creation, and referenced `scripts/loopuman.sh`) but does not declare permissions accordingly. This creates a transparency and policy-enforcement gap: users and platforms may not realize the skill can execute local shell actions and make network requests. In a skill that submits tasks to an external service and stores API keys locally, undeclared shell capability increases operational risk.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The core function of this skill is to send user-provided task content to third-party human workers, yet the documentation does not prominently warn about privacy, confidentiality, or data-sharing risks. Users may unknowingly expose sensitive prompts, customer data, images, addresses, or proprietary content to external humans outside their organization. Because disclosure to humans is the main feature, the missing warning materially increases the chance of inappropriate data exposure.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The create command transmits arbitrary user-supplied title and description content to a third-party human-task platform, potentially exposing sensitive data to both the remote service and human workers. In this skill's context, externalizing task content is core functionality, which makes the data exposure expected but still security-relevant if users are not clearly warned before sending sensitive material.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The cancel command performs a destructive remote DELETE operation immediately, with no confirmation prompt or safety flag. In an agentic context, where commands may be composed or parameterized automatically, this raises the chance of accidental task cancellation, service disruption, or financial impact from mistaken operations.

External Transmission

Medium
Category
Data Exfiltration
Content
Get your API key (one command, no auth needed):

```bash
curl -X POST https://api.loopuman.com/api/v1/register \
  -H "Content-Type: application/json" \
  -d '{"email": "you@example.com", "company_name": "Your Name", "promo_code": "LOBSTER"}'
```
Confidence
91% confidence
Finding
curl -X POST https://api.loopuman.com/api/v1/register \ -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
Get your API key (one command, no auth needed):

```bash
curl -X POST https://api.loopuman.com/api/v1/register \
  -H "Content-Type: application/json" \
  -d '{"email": "you@example.com", "company_name": "Your Name", "promo_code": "LOBSTER"}'
```
Confidence
91% confidence
Finding
https://api.loopuman.com/

Session Persistence

Medium
Category
Rogue Agent
Content
## Setup

Create the config file with your Loopuman API key:

```bash
mkdir -p ~/.openclaw/skills/loopuman
Confidence
87% confidence
Finding
Create the config file with your Loopuman API key: ```bash mkdir -p ~/.openclaw/skills/loopuman cat > ~/.openclaw

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal