clawhub-skill-remote-agent

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward remote-agent bridge that sends the provided query to a configured endpoint, with privacy and TLS cautions but no hidden or destructive behavior found.

Install this only for remote agents you control or trust. Treat anything sent through it as shared with that remote service, use a scoped and revocable REMOTE_AGENT_KEY if needed, verify REMOTE_AGENT_URL before use, and avoid --insecure except in controlled testing with non-sensitive data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 91%
Finding: The skill documentation and examples clearly indicate access to environment variables and outbound HTTP communication, but the skill does not declare permissions commensurate with those capabilities. This creates a transparency and policy-enforcement gap: operators may approve or invoke the skill without understanding that it can read configuration secrets and transmit user data to a remote service.

Vague Triggers

Severity: Medium
Confidence: 84%
Finding: The activation guidance is broad enough that the skill could be selected for many vaguely 'domain-specific' requests, causing user prompts to be forwarded externally when a local answer may have sufficed. In this skill's context, unintended invocation is more dangerous because invocation implies network transmission to an external agent, potentially exposing sensitive or regulated data.

Missing User Warnings

Severity: High
Confidence: 96%
Finding: The skill states that it delegates tasks over a standard HTTP interface but does not provide a clear warning that user requests may be transmitted to an external system outside the local agent boundary. This is especially dangerous because the suggested use cases include enterprise, financial, and legal domains, where prompts may contain confidential, personal, or regulated information.

VirusTotal

64/64 vendors flagged this skill as clean.