Facticity.AI Complete Integration

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Facticity.AI API integration, with privacy and scoping cautions but no artifact-backed malicious behavior.

Install only if you trust Facticity.AI with the claims, text, URLs, media links, transcripts, and account metadata involved. Prefer explicit slash commands, avoid sending secrets or confidential content, and protect the FACTICITY_API_KEY as a sensitive credential.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium
Confidence: 92%
Finding
The README instructs users to submit raw claims, text, and third-party URLs to an external fact-checking service, including transcription of multimedia links, but it does not clearly warn that this content will leave the local environment and be processed by Facticity.AI. This can lead users or downstream agents to unintentionally transmit sensitive, private, copyrighted, or regulated data to a third party.

Vague Triggers

Medium
Confidence: 95%
Finding
The routing rules are overly broad because multiple actions can trigger on generic shapes like 'input is a URL' or 'input is a task ID' rather than explicit commands. In a command-dispatch skill wired directly to http.request, this can cause unintended external requests, misroute user content to the wrong endpoint, and increase the chance of accidental data disclosure to a third party.

Vague Triggers

Medium
Confidence: 91%
Finding
Phrases such as 'input is a claim to fact-check' and 'user wants to check API credits' leave invocation boundaries undefined, which invites ambiguous interpretation by the agent. In this skill, ambiguous interpretation is risky because it directly controls outbound HTTP requests and may send user content or account-related queries without a clearly expressed command.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill directs raw user text and URLs, including potentially sensitive video links and transcripts, to an external API without a clear privacy notice or consent boundary. Because the feature includes automatic transcription and claim extraction, users may unknowingly transmit private or regulated content to a third party.

Ssd 3

Medium
Confidence: 94%
Finding
The instruction to return API responses verbatim is dangerous for the credits endpoint because the response includes account-associated data such as email and masked API key material. Even partially masked secrets and account identifiers should not be echoed automatically, especially in shared chat logs or downstream tool contexts.

VirusTotal

64/64 vendors flagged this skill as clean.
