ClawHub

Init Manager

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a real Init Manager integration, but it gives remote project settings too much authority over the agent and can write task updates to an external service.

Install only if you trust the Init Manager instance and the people who can edit its AI Guide settings. Use a least-privilege API token, keep the base URL pinned to an approved Init Manager domain, avoid sending secrets in task comments or updates, and review/confirm any status, assignment, or comment changes before they are posted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The invocation description is broad enough that an agent could select this skill in generic project-management situations, not just when explicit Init Manager interaction is intended. Because the skill can change task state and post comments to an external service, over-broad routing increases the chance of unintended side effects and data disclosure.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill documentation does not clearly warn that using it will modify task records and send comments/status updates to an external service. That omission can cause an agent or operator to treat it like a read-only planning aid, leading to unintended writes, external transmission of work details, and workflow disruption.

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# Get all projects
curl -H "Authorization: Bearer $KEY" $URL/api/projects

# Check each project board for ready tasks assigned to you
curl -H "Authorization: Bearer $KEY" $URL/api/projects/$PID/board
Confidence
87% confidence
Finding
curl -H "Authorization: Bearer $KEY" $URL/api/projects # Check each project board for ready tasks assigned to you curl -H "Authorization: Bearer $KEY" $URL/api/projects/$PID/board # Pick up a task c

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal