Income Brain

Security checks across malware telemetry and agentic risk

Overview

This skill openly aims to research, generate, save, and publish monetized skills, but it does not clearly require user approval or limit where it writes and deploys.

Review this carefully before installing. Only use it in a disposable workspace or with explicit dry-run controls, and do not let it publish, sync, or use platform credentials unless you have reviewed the generated skills and approved each target platform action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (95% confidence)

Finding: The skill is framed as an open-ended autonomous system that researches demand, generates new SKILL.md files with full code, deploys them across multiple marketplaces, retries failures, and updates itself, but it provides no bounded trigger conditions, approval gates, or operational limits. This creates a real safety and security risk because an agent could interpret the description as permission for continuous self-directed actions affecting files, external services, and marketplace accounts without explicit user authorization.

Missing User Warnings

High (97% confidence)

Finding: The skill describes autonomous file generation, earnings/data tracking, web research, and simultaneous publication to external platforms, yet it does not warn the user about those behaviors or the associated risks to local files, credentials, privacy, platform policy compliance, and financial accounts. In context, this omission is especially dangerous because the skill is explicitly designed to act on market data and deploy artifacts broadly, increasing the chance of unauthorized changes, data leakage, spammy behavior, or costly external actions.

VirusTotal

65/65 vendors flagged this skill as clean.