OpenAssetSearch

Security checks across malware telemetry and agentic risk

Overview

This looks like a purpose-aligned asset search skill, but users should know it sends search terms to an external service and may return unreviewed third-party files.

Install only if you are comfortable with asset search queries being sent to a third-party service. Avoid using sensitive project names, private filenames, client data, or confidential prompts in searches, and review returned files for licensing, safety, and suitability before downloading or embedding them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence: 87%
Finding:
The skill's activation guidance is broad enough that an agent may invoke it for routine user requests involving images, audio, or files without clearly signaling that data will be sent to an external third-party service. That increases the chance of unintended data disclosure, especially if user prompts contain sensitive project details, filenames, or proprietary context embedded in the search query.

Vague Triggers

Medium
Confidence: 91%
Finding:
The example trigger phrases like 'find me a...' or 'get me an image of...' are generic enough to match ordinary conversation, which can cause over-invocation of the skill. In practice, this can route user intent to an external search endpoint when the user may have only been asking for discussion, brainstorming, or locally generated help, creating unnecessary external data exposure.

Missing User Warnings

Medium
Confidence: 95%
Finding:
The skill does not warn users that their search terms are transmitted to an external HTTP service, despite encouraging wide use for many common requests. This omission undermines informed consent and can leak sensitive keywords, internal project names, or other private context to a third party, even if the endpoint itself is intended for benign asset search.

Vague Triggers

Medium
Confidence: 91%
Finding:
The skill's invocation guidance is overly broad and maps to common user requests like finding or getting files, which can cause the agent to call this external search skill in many ordinary conversations without making the external data transfer explicit. Because the service searches real user-uploaded content and returns direct download URLs, unintended activation can expose users to unreviewed third-party content and create privacy, safety, and consent issues.

Vague Triggers

Medium
Confidence: 89%
Finding:
The example trigger phrases are highly generic, such as requests to find or get an image or model, increasing the chance of accidental skill activation when the user may only want advice, brainstorming, or local assistance. This can cause the agent to contact an external service and surface direct-download links to untrusted content without sufficiently clear intent from the user.

Missing User Warnings

Medium
Confidence: 94%
Finding:
The skill does not warn users that it retrieves real user-uploaded content from an external service and returns direct public download URLs. In this context, the absence of disclosure is risky because users may not realize their query is being sent off-platform or that the returned files may be unmoderated, copyrighted, explicit, or otherwise unsafe.

VirusTotal

66/66 vendors flagged this skill as clean.
