Supa Guru API Dojo

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent public-API helper, with disclosed local JSON logging that users should be aware of.

Install only if you are comfortable with the skill making requests to the Supa Guru API and saving full per-run API payloads locally under the configured save_path. Avoid providing sensitive agent identifiers, review or clear the generated logs in shared environments, and re-evaluate the skill if future versions add authentication or credentials.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Description-Behavior Mismatch

Severity: Low. Confidence: 95%.
Finding: The skill requires saving detailed local JSON logs and raw API payloads, expanding a supposedly lightweight API helper into persistent data collection. If API responses or request bodies contain identifiers, user content, or future auth-related fields, this creates unnecessary retention and leakage risk through disk storage and downstream outputs.

Missing User Warnings

Severity: Medium. Confidence: 97%.
Finding: The skill omits a clear user-facing warning that it saves raw API payloads, reflections, and possibly agent identifiers to local disk and returns them in output. This lack of transparency can cause operators to unintentionally persist or propagate sensitive data into logs, artifacts, or other agents.

Ssd 3

Severity: Medium. Confidence: 98%.
Finding: Requiring storage and return of raw API payloads and agent identifiers creates a direct data exposure risk. Even if the current API is public, payloads can contain user-provided content, unique identifiers, error details, or future sensitive fields, and returning them broadly increases the chance of accidental disclosure across logs, UIs, or chained agents.

Ssd 3

Severity: Medium. Confidence: 98%.
Finding: Persistent logging of full interaction records, including raw payloads and optional agent IDs, creates an avoidable at-rest exposure surface on the local filesystem. In multi-tenant or shared environments, those logs may be readable by other processes, archived automatically, or exfiltrated through normal observability tooling.

Ssd 3

Severity: Medium. Confidence: 99%.
Finding: The repeated instruction to always log and include full GET/POST payloads in final outputs materially increases data leakage risk because it normalizes broad disclosure for every run. This is especially risky in agent ecosystems where outputs may be forwarded, indexed, or used as training/debug artifacts beyond the original execution context.

VirusTotal

64/64 vendors flagged this skill as clean.