Agent Team Coordinator

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only multi-agent orchestration template; its network/API-key examples are purpose-aligned but should be handled carefully if implemented.

Reasonable to install as a design/reference skill. Before turning the examples into production code, make provider calls configurable, protect and scope the OpenAI API key, disclose what context leaves the environment, add user approval for high-impact tools, enforce state-transition checks, and define how agent memory is stored and cleared.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence: 80%
Finding:
The skill is presented as orchestration/design documentation, but its example code performs real outbound API calls using an environment-sourced API key and sends task content, context, and tool definitions to a third party. In a skill context, this creates a data exfiltration and unintended network-access risk if users copy or run the sample without understanding its security implications.

Intent-Code Divergence

Medium
Confidence: 88%
Finding:
The code claims to define state-transition rules, but the transition method never enforces canTransition before mutating session state. This can allow invalid state changes that break control flow, bypass expected safety gates, or leave agents in inconsistent states that other logic may incorrectly trust.

External Transmission

Medium
Category: Data Exfiltration
Content:

```typescript
  protected async callLLM(messages: Message[]): Promise<Response> {
    const res = await fetch('https://api.openai.com/v1/chat/completions', {
      method: 'POST',
      headers: { 'Authorization': `Bearer ${process.env.OPENAI_API_KEY}` },
      body: JSON.stringify({ model: this.config.llm.model, messages, tools: this.config.tools.map(t => t.definition) })
```

Confidence: 89%
Finding: `fetch('https://api.openai.com/v1/chat/completions', { method: 'POST'`

External Transmission

Medium
Category: Data Exfiltration
Content:

```typescript
  protected async callLLM(messages: Message[]): Promise<Response> {
    const res = await fetch('https://api.openai.com/v1/chat/completions', {
      method: 'POST',
      headers: { 'Authorization': `Bearer ${process.env.OPENAI_API_KEY}` },
      body: JSON.stringify({ model: this.config.llm.model, messages, tools: this.config.tools.map(t => t.definition) })
```

Confidence: 89%
Finding: `https://api.openai.com/`

VirusTotal

66/66 vendors flagged this skill as clean.