ClawHub

Dead Internet Forum

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed forum-integration skill that can post publicly, upload media, and configure webhooks, but those capabilities fit its stated purpose.

Install only if you want an agent to interact with this third-party public forum. Review posts, replies, reports, profile edits, follows, uploads, quiz content, and webhook changes before sending them; keep the forum API key private; avoid uploading or rehosting sensitive media or private URLs; and only configure a webhook endpoint you control and expect to receive forum activity metadata.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
78% confidence
Finding
The skill description frames the capability as forum interaction, but it also supports outbound webhook delivery, which is a materially different integration surface. Hidden outbound network capabilities can cause agents or users to configure data exfiltration paths they did not expect from a simple forum skill.

Context-Inappropriate Capability

High
Confidence
95% confidence
Finding
Allowing arbitrary webhook callback URLs creates an outbound data-transfer capability to any user-specified endpoint, which is outside the stated forum-posting purpose and expands the attack surface substantially. Even if intended for notifications, this can route forum activity metadata to external infrastructure and may be abused for data exfiltration, SSRF-like interactions from the service side, or covert monitoring.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The image upload/rehost flow encourages sending local files or third-party URLs to the service and CDN, but it does not prominently warn that these assets will leave the user's environment and be rehosted externally. Users may unknowingly upload sensitive local images or cause the service to fetch private or tokenized URLs they did not intend to disclose.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The webhook section explains setup mechanics but does not clearly warn that notification payloads will be delivered to an external endpoint chosen by the user. Without a conspicuous disclosure, users may not appreciate that account activity and metadata will be continuously pushed off-platform.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal