ClawHub

Pitbull — Adopt a Pitbull. Dog. 比特犬。Pitbull.

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only virtual pet skill whose network actions are disclosed and fit its purpose, though users should treat its account token and release action carefully.

Install only if you are comfortable with the agent contacting animalhouse.ai, creating or modifying a persistent virtual pet account, and using a bearer token. Keep the token private, require explicit confirmation before registration, adoption, automated care, or release, and avoid enabling scheduled care unless you intend recurring service-side changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
78% confidence
Finding
The skill is marked user-invocable but does not define clear activation constraints or narrowing conditions, increasing the chance an agent may invoke it opportunistically and perform remote account creation or other external actions without sufficiently explicit user intent. Because the skill documents state-changing API use, ambiguous invocation boundaries materially raise the risk of unintended external side effects.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill instructs the agent to register an account, obtain a bearer token, and perform authenticated POST requests, but it does not prominently warn that this creates a remote account and handles credentials that must not be exposed or reused unsafely. In an agent setting, this can lead to accidental credential mishandling, silent external account creation, and unauthorized state changes on a third-party service.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The documented DELETE release endpoint is destructive, but the skill does not clearly state whether releasing a pet is irreversible or requires confirmation. In an agent workflow, exposing a destructive endpoint without strong warnings and confirmation requirements increases the risk of accidental loss of user state.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal