ClawHub

1p.io Shortlink API

Security checks across malware telemetry and agentic risk

Overview

This is a normal 1p.io short-link skill, but it tells agents to automatically send arbitrary long URLs to an external service and includes organization link deletion without clear confirmation safeguards.

Install only if you are comfortable with agents sending URLs to 1p.io. Ask the agent to confirm before shortening links, and avoid using it for private documents, reset links, signed downloads, internal URLs, or URLs containing tokens or personal data. Grant delete or edit permissions only when needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The activation guidance is overly broad because it triggers not only when the user explicitly asks to shorten a link, but also whenever the agent is about to send any URL longer than 80 characters or merely wants to share a cleaner link. This can cause unintended invocation and silent transmission of user URLs or generated links to an external third-party service without clear user consent.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The description says the skill will automatically shorten long URLs, but it does not warn that URLs and associated metadata will be sent to 1p.io, an external service. URLs often contain sensitive query parameters, document identifiers, or internal endpoints, so omission of this disclosure creates a real privacy and data-handling risk.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill exposes a delete capability for short links but does not state that deletion is destructive or require explicit confirmation before use. An agent following these instructions could delete organization links unintentionally or based on ambiguous user requests, causing loss of access or disruption for other users in the org.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal