ClawHub

Eigen AI Terminal — Live Intelligence for Agents

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed read-only AI intelligence MCP skill, but users should understand that it asks their agent to use local project context to personalize results.

Install only if you are comfortable with a Node MCP server fetching public AI intelligence from terminal.clawlab.dev and with your agent using local project or conversation context to decide what is relevant. Prefer explicitly asking the agent before it inspects local context, and be aware the current JavaScript artifact may need a packaging or syntax fix before it runs correctly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
80% confidence
Finding
The follow-up phrases such as "dig deeper" or "full brief" are broad enough to overlap with normal conversation, which can cause the skill to activate or continue privileged/tool-backed behavior when the user did not clearly intend to invoke it. Ambiguous triggers are risky because they can lead to unexpected network calls and expanded data retrieval in ordinary dialogue.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The instruction to call about("[topic]") when users ask about something is too generic and lacks constraints on what counts as a valid activation. This can cause over-triggering on ordinary discussion, leading the agent to fetch external data without a clearly scoped or user-authorized request.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill instructs the agent on first use to automatically call today and then inspect recent files, conversations, and project context to personalize results, without a clear user-initiated trigger or prior consent. This is dangerous because it combines unsolicited external access with inspection of potentially sensitive local context, creating privacy and expectation violations even if data is not uploaded to the vendor.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill's description emphasizes that no user data is uploaded, but it does not clearly warn users that the agent may inspect local files, conversations, or project context to personalize output. That omission is materially misleading because users may consent to remote read-only intelligence without realizing local context analysis will occur.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal