Bonito

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Bonito onboarding guide with expected API, CLI, and optional Docker demo steps, but users should handle keys and credentials carefully.

Install this only if you intend to use Bonito. Use non-sensitive test prompts, keep gateway keys and provider credentials out of chat logs, screenshots, source control, and shared terminal output, and review the optional Atlas repository and Docker Compose file before running the demo.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 93%
Finding
The skill instructs users to run local Python scripts and shell commands and to make outbound network requests, but it does not declare corresponding permissions. Undeclared network/shell capabilities weaken security review and user consent because the skill can induce actions with system and external connectivity effects that are not surfaced up front.

Vague Triggers

Severity: Medium
Confidence: 81%
Finding
The invocation description is very broad and covers many generic user intents around AI setup, deployment, routing, orchestration, and MCP integration. This can cause the skill to activate in situations the user did not intend, increasing the chance that credential-handling or shell/network instructions are injected into unrelated conversations.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding
The skill provides a credential-bearing curl example using a gateway API key but gives no warning about secret handling, shell history exposure, terminal logging, or safe storage. In an onboarding context, users commonly copy-paste commands, so omission of key-safety guidance materially raises the risk of accidental credential disclosure.

VirusTotal

66/66 vendors flagged this skill as clean.