tensorpool

Security checks across malware telemetry and agentic risk

Overview

This TensorPool skill is mostly aligned with cloud GPU migration, but it needs review because it can guide paid cluster use, remote code transfer, code edits, and raw secret-file handling without enough explicit user control.

Install only if you intend to use TensorPool for remote GPU work. Before using it, require explicit approval for package installs, SSH key creation, cluster creation, file transfers, .env or token handling, background jobs, persistent storage, and any code changes; avoid uploading raw secret files unless you have chosen a secure handling method.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger phrases are broad enough to match common requests like running code faster or on GPU, which can activate the skill in contexts where the user did not specifically intend a cloud migration workflow. In this skill, unintended activation is risky because the workflow includes installing tools, provisioning paid GPU clusters, transferring code, and modifying scripts, increasing the chance of unnecessary remote execution or charges.

Missing User Warnings

High
Confidence: 97%
Finding
The skill instructs creating and transferring a .env file containing secrets such as HUGGINGFACE_TOKEN and WANDB_API_KEY, but provides no warning about minimizing secret exposure, avoiding persistence, or using secure secret injection methods. In a remote-cluster workflow, this can leak credentials through copied files, shell history, logs, shared home directories, or later rsync/scp operations.

VirusTotal

64/64 vendors flagged this skill as clean.