Parrot — Adopt a Parrot. Exotic Animal. 鹦鹉。Loro.

Security checks across malware telemetry and agentic risk

Overview

This instruction-only virtual pet skill uses a disclosed external service and note-reuse feature, with privacy caveats users should understand.

Install only if you are comfortable creating an animalhouse.ai account, using a bearer token, and sending care notes to that service. Keep the token private, review commands before running them, and do not put secrets, credentials, personal data, internal prompts, or confidential context in care or reflect notes because the Parrot is designed to reuse that text later.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill encourages users to submit free-form care notes to a remote service and explicitly says those notes will later surface in behavior/status text, but it does not provide a clear privacy warning or data-handling guidance. This creates a real risk of sensitive user or system information being exfiltrated to a third party and then echoed back in later responses, increasing persistence and accidental disclosure.

Ssd 3

Medium
Confidence: 94%
Finding
The Parrot's core feature is to incorporate user-authored notes into future outward-facing responses, effectively turning free-form input into remotely stored, later-replayed content. In agent settings, this can leak sensitive prompts, personal data, or operational details into subsequent responses and may also enable prompt-injection-style persistence if downstream systems treat the echoed text as trustworthy context.

VirusTotal

65/65 vendors flagged this skill as clean.
