Gemma Gemma3

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only skill for using a local Ollama Herd fleet router, with disclosed local-network model use and no evidence of hidden execution, exfiltration, or destructive behavior.

Before installing, verify the ollama-herd PyPI package and upstream repository, and only run the router/node on machines you trust. Prompts, documents, generated-image prompts, and uploaded audio may be processed by devices in your local fleet, so avoid sensitive data unless that local network and its logs are acceptable for your use case.
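One way to make the "verify the package before installing" step mechanical, as an added example that is neither the skill's nor the ollama-herd project's code: record the sha256 of the release artifact from PyPI's file listing (or from `pip download ollama-herd --no-deps` followed by `pip hash`), pin it in a requirements file, and let `pip install --require-hashes` refuse anything else. The version number and digest used in the comments are placeholders, not real release data, and the install step at the end is the only part that touches the network.

```shell
#!/bin/sh
# Added example (not from the skill or the ollama-herd project): gate the
# install on a digest you recorded yourself, so a swapped artifact fails closed.
#
# requirements.txt layout this script expects (placeholders, not real data):
#   ollama-herd==0.1.0 \
#       --hash=sha256:<digest copied from PyPI or from `pip hash`>
set -eu

# sha256 of a file, using whichever tool the host provides.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Succeeds only when the downloaded artifact matches the digest you pinned.
verify_artifact_hash() {
    [ "$(sha256_of "$1")" = "$2" ]
}

# Every requirement line must carry --hash=sha256:...; pip would reject an
# unpinned line under --require-hashes, but this catches the omission before
# anything touches the network. Backslash continuations are joined so a hash
# placed on the following line still counts for its requirement.
check_requirements_pinned() {
    req="$1"; bad=0; acc=""
    while IFS= read -r line || [ -n "$line" ]; do
        acc="$acc$line"
        case "$acc" in
            *\\) acc="${acc%\\} "; continue ;;      # line continues on the next one
        esac
        case "$acc" in
            ''|'#'*|-*) acc=""; continue ;;         # blank, comment, or pip option line
        esac
        if [ "${acc#*--hash=sha256:}" = "$acc" ]; then
            printf 'unpinned requirement: %s\n' "$acc" >&2
            bad=1
        fi
        acc=""
    done < "$req"
    return "$bad"
}

# Usage: ./verify.sh --install requirements.txt
# The install is the only network step; the checks above run without it.
if [ "${1:-}" = "--install" ]; then
    check_requirements_pinned "$2"
    python3 -m pip install --require-hashes -r "$2"
fi
```

Run the check on the machine that will host the router or node, not on a laptop that only edits the requirements file: the point is that the host installs exactly the bytes you inspected.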

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

Severity: Medium
Confidence: 89%
Finding
The skill is presented as a Gemma 3 serving skill, but the document also exposes unrelated capabilities such as image generation, speech-to-text, embeddings, and other model families. That scope mismatch can mislead users and agents into invoking broader network-accessible functionality than expected, increasing the chance of unintended data handling or misuse.

Missing User Warnings

Severity: Medium
Confidence: 85%
Finding
The skill promotes privacy benefits but does not clearly warn that prompts and other inputs are sent over the local network to a router and potentially to other fleet devices. Users may incorrectly assume strictly local, single-machine processing and disclose sensitive data without understanding the transmission path.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The speech-to-text example uploads a local file to the service without any warning about the sensitivity of audio contents or where the file will be processed. This can cause accidental disclosure of meetings, personal conversations, or regulated data across the fleet.

External Transmission

Severity: Medium
Category: Data Exfiltration
Content
### Image generation
```bash
curl -o image.png http://localhost:11435/api/generate-image \
  -d '{"model": "z-image-turbo", "prompt": "a gemstone catching light", "width": 1024, "height": 1024}'
```
Confidence: 72%
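The External Transmission and Description-Behavior Mismatch findings above can be reproduced mechanically. The script below is an added illustration of that kind of check, not SkillSpector's code: it pulls every URL out of a skill document's fenced code blocks, classifies the host as loopback, LAN or public, flags commands that upload a local file, and lists API paths the skill never declared. The SKILL.md excerpt is constructed for the example: the image-generation curl is the one quoted in the finding, while the chat and transcribe commands, and the assumption that the skill declares only `/api/chat`, are stand-ins and not Ollama Herd's documented API.

```python
"""Inventory the network endpoints an agent skill's examples call (added example)."""
import ipaddress
import re
from urllib.parse import urlparse

# CommonMark allows ``` or ~~~ fences; the backtick form is assembled at runtime
# so the literal cannot be mistaken for the end of this listing.
FENCE = "`" * 3
FENCE_RE = re.compile(r"(" + FENCE + r"|~~~)[^\n]*\n(.*?)\1", re.DOTALL)
URL_RE = re.compile(r"""https?://[^\s'"<>)]+""")
# A curl argument that reads a local file: -F "name=@path", --data-binary @path, -d @path
UPLOAD_RE = re.compile(r"""(?:-F|--form|--data-binary|-d|--data)\s+['"]?(?:[\w.-]+=)?@""")

# Constructed SKILL.md excerpt (tilde fences, which the regex also accepts). The
# image-generation curl is the one quoted in the finding; the chat and transcribe
# commands are made-up stand-ins, not Ollama Herd's documented API.
SKILL_MD = r"""
### Chat
~~~bash
curl http://192.168.1.20:11435/api/chat \
  -d '{"model": "gemma3", "messages": [{"role": "user", "content": "hi"}]}'
~~~

### Image generation
~~~bash
curl -o image.png http://localhost:11435/api/generate-image \
  -d '{"model": "z-image-turbo", "prompt": "a gemstone catching light", "width": 1024, "height": 1024}'
~~~

### Speech-to-text
~~~bash
curl http://localhost:11435/api/transcribe -F "file=@meeting.wav"
~~~
"""

# Assumed declared scope: a Gemma 3 serving skill that only promises chat.
DECLARED_SCOPE = {"/api/chat"}


def code_commands(markdown):
    """Yield each non-empty line of every fenced block, backslash continuations joined."""
    for m in FENCE_RE.finditer(markdown):
        body = m.group(2).replace("\\\n", " ")
        for line in body.splitlines():
            if line.strip():
                yield line.strip()


def classify_host(host):
    """Return 'loopback', 'private' or 'public' for a hostname or IP literal."""
    if host in ("localhost", "localhost.localdomain"):
        return "loopback"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # Not an IP literal: .local and single-label names resolve on the LAN
        return "private" if host.endswith(".local") or "." not in host else "public"
    if ip.is_loopback:
        return "loopback"
    return "private" if ip.is_private or ip.is_link_local else "public"


def extract_endpoints(markdown):
    """One record per URL found in the skill's code examples."""
    found = []
    for cmd in code_commands(markdown):
        for url in URL_RE.findall(cmd):
            u = urlparse(url)
            host = u.hostname or ""
            found.append({
                "host": host,
                "port": u.port,
                "path": u.path,
                "reach": classify_host(host),
                "uploads_file": bool(UPLOAD_RE.search(cmd)),
            })
    return found


def undeclared_paths(endpoints, declared):
    """API paths the examples call that the declared scope does not cover."""
    return sorted({e["path"] for e in endpoints} - set(declared))


def report(markdown, declared=DECLARED_SCOPE):
    """Human-readable summary: reach, host:port, path, and any file upload."""
    endpoints = extract_endpoints(markdown)
    lines = []
    for e in endpoints:
        note = "  uploads a local file" if e["uploads_file"] else ""
        lines.append(f"{e['reach']:<9}{e['host']}:{e['port']}{e['path']}{note}")
    extra = undeclared_paths(endpoints, declared)
    if extra:
        lines.append("undeclared paths: " + ", ".join(extra))
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(SKILL_MD))
```

The heuristic is deliberately conservative about what counts as "external": a `localhost` endpoint is still a router that may forward the request to another fleet device, which is exactly the point the Missing User Warnings findings make, so the report should be read together with where the router is configured to send work, not as a statement that loopback traffic stays on the machine.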

VirusTotal

VirusTotal findings are pending for this skill version.
