ClawHub

Remoting

Security checks across malware telemetry and agentic risk

Overview

This skill intentionally shares a live terminal, but it can expose an interactive public session with weak activation wording and limited safeguards.

Install only if you intentionally want to create a public, interactive terminal. Treat the generated URL like a password, use it only in non-sensitive directories, stop it immediately when finished, and avoid sharing sessions that may expose credentials, private files, or privileged shells.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The invocation examples use broad phrases like 'Open in browser' and 'Remote access to this terminal' that can match common user requests without clearly signaling that the action will expose a live interactive terminal over a public tunnel. In this skill’s context, accidental activation is especially dangerous because it enables remote viewing and command interaction with the current session, potentially exposing sensitive data or allowing unauthorized actions.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill describes exposing the current Claude Code session as a public web terminal and notes that anyone with the URL can interact, but it does not present a strong upfront warning about confidentiality, integrity, and remote-command-execution risk. Because the session is interactive and public-facing through a tunnel, users may unintentionally expose secrets, active shells, or privileged environments to third parties.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal