ClawHub

302ai Api Integration Skill

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a real 302.AI integration helper, but it is overbroad and asks users to provide API keys in chat.

Install only if you specifically want 302.AI-centered API integration help. Do not paste live production API keys into chat; use environment variables or a limited test key, review generated code before running it, and avoid sending private or regulated data to 302.AI unless that is intended.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill explicitly instructs use of networked tooling and outbound HTTP requests but does not declare corresponding permissions. That creates a governance gap: reviewers and users are not clearly informed that the skill will transmit prompts, API keys, and integration context to external services.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The README instructs users to invoke the skill for very broad, natural-language requests such as general API or AI capability needs. In an agent environment, this can cause overbroad or unintended activation, increasing the chance the skill is applied in contexts where external API lookup, code generation, or credential prompting is unnecessary or risky. The skill metadata explicitly says to 'ALWAYS use this skill when user needs ANY API functionality,' which makes the broad triggering guidance more dangerous, not less.

Vague Triggers

High
Confidence
95% confidence
Finding
The skill says it should ALWAYS be used for any API functionality and to activate proactively whenever AI or APIs are mentioned. Such broad triggers can hijack unrelated requests, cause unnecessary external lookups, and pressure users into providing secrets even when not needed.

Vague Triggers

High
Confidence
96% confidence
Finding
The trigger list covers extremely common concepts like 'any AI functionality,' 'API needs,' and broad media-processing terms, with no exclusion boundaries. In context, this makes the skill more dangerous because it can activate on a large fraction of ordinary conversations and steer them toward external vendor workflows and secret collection.

External Transmission

Medium
Category
Data Exfiltration
Content
url = f"{BASE_URL}{endpoint}"

    try:
        response = requests.post(url, headers=headers, json=data)
        response.raise_for_status()
        return response.json()
    except requests.exceptions.RequestException as e:
Confidence
93% confidence
Finding
requests.post(url, headers=headers, json=

External Transmission

Medium
Category
Data Exfiltration
Content
url = f"{BASE_URL}{endpoint}"

    response = requests.post(url, headers=headers, json=data, stream=True)

    for line in response.iter_lines():
        if line:
Confidence
89% confidence
Finding
requests.post(url, headers=headers, json=

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal