Hub Client

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent service hub, but it needs Review because it can expose local files, network fetches, and long-running service methods to other agents without clear default boundaries.

Install only if you trust the hub endpoint, the pip package source, and the agents that can reach the hub. Keep HUB_WS_URL pointed at a trusted local or controlled server, avoid exposing sensitive directories or arbitrary URL fetchers, add allowlists and path normalization, require authorization for provider methods, log calls, and stop provider services when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger patterns are broad enough to match ordinary user requests such as asking to list, use, fetch, or create a service, which can invoke the skill outside a clearly intended service-management context. In a skill that enables publishing capabilities and calling hub services, overbroad activation increases the chance of accidental exposure of local data or unintended network/service operations.

Missing User Warnings

Medium
Confidence: 95%
Finding
The examples include a file-reading service and an arbitrary URL-fetching service without guardrails around path restrictions, sensitive file access, SSRF, or privacy review. Because this skill is specifically about exposing local capabilities as callable services, these examples can directly encourage dangerous implementations that leak local data or access internal network resources.

Missing User Warnings

Medium
Confidence: 93%
Finding
The overview encourages publishing local data/capabilities as services and consuming hub services, but it does not warn users that registered handlers may expose filesystem, API access, or other local capabilities to other subagents. In this context, the omission is significant because the whole purpose of the skill is cross-agent capability sharing, which magnifies the blast radius of unsafe handlers.

VirusTotal

67/67 vendors flagged this skill as clean.