Moltext

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a documentation-compilation helper whose network access, local output files, package install, and optional LLM credentials fit its stated purpose.

Install only if you are comfortable with npm installing the moltext package and with the skill fetching documentation URLs you provide. Use a scoped API key if enabling OpenAI, review compiled files before feeding them back into an agent, and avoid running it on private or sensitive sources unless you understand where the content and credentials go.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 90%
Finding
The skill is framed for extremely broad use—'learn any tool, library, or app instantly'—without clear activation boundaries, trust constraints, or exclusions for sensitive sources. In an agent setting, that increases the chance the skill will be invoked on untrusted or inappropriate targets and will ingest adversarial documentation or unsafe instructions as authoritative context.

Missing User Warnings

Medium
Confidence: 95%
Finding
The instructions direct the agent to access arbitrary URLs over the network and write results to a local file, but omit any disclosure, consent, or guardrails around those side effects. This is dangerous because agents may perform outbound requests to attacker-controlled sites and persist untrusted content locally, enabling data exposure, unsafe file writes, or later prompt/context injection when the saved file is read back.

VirusTotal

50/50 vendors flagged this skill as clean.
