ClawHub

Agency Agents Router

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed agent router that can delegate tasks to installed agents, with no artifact-backed evidence of hidden credential access, exfiltration, or destructive behavior.

Install this only if you want your main OpenClaw agent to route ordinary natural-language tasks to other installed agents. Review the third-party agency-agents package before installing it, and be mindful that delegated tasks may share the task context with multiple sub-agents and may use web search for factual work.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The README describes the skill as handling tasks whenever a user "just describe[s] what you need," which is an overly broad natural-language trigger surface. In an agentic environment, this can cause accidental activation on ordinary requests and unintended delegation to other installed agents, increasing the chance of prompt-scope confusion, data overexposure to subagents, or surprising autonomous actions.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The usage section states that users can describe tasks in natural language and the skill will automatically analyze, select, and orchestrate agents, but it does not define boundaries on when this should or should not trigger. That ambiguity makes unintended invocation more likely and can lead to unauthorized or unnecessary routing of user prompts to multiple agents, amplifying privacy and control risks in proportion to the number of available agents.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal