ClawHub

Vlmrun Cli Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward VLM Run CLI integration, with expected remote-service, API-key, package-install, and artifact-cache risks that users should understand before using it.

Before installing, verify that you trust the vlmrun package and service, use a dedicated VLM Run API key, and avoid sending confidential images, videos, PDFs, contracts, invoices, meeting recordings, or prompts unless you are comfortable with external processing and local artifact caching.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The skill metadata advertises very broad trigger phrases such as 'generate an image/video', 'analyze this image/video', and 'process this PDF', which overlap with many ordinary user requests. This can cause the skill to activate unexpectedly and route user content to an external service without a clear, deliberate invocation boundary, increasing the risk of unintended data exposure and tool misuse.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill is designed to upload images, videos, and documents to the VLM Run/Orion external service, but it does not prominently warn users that their files and prompts will be transmitted off-box. Because the covered inputs include sensitive media and PDFs, users may unknowingly send confidential or regulated data to a third party.

Missing User Warnings

Low
Confidence
91% confidence
Finding
The documentation encourages session continuation and notes local artifact caching, but it does not warn that prior conversation context, uploaded inputs, and generated artifacts may persist locally and possibly remotely as part of the session. This can lead users to reuse sessions containing sensitive material without understanding the retention and cross-task exposure risks.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal