Agent101 Tool Directory

Security checks across malware telemetry and agentic risk

Overview

This skill is a public tool-directory lookup aid, but users should treat its recommendations as untrusted references rather than automatic approval to use new services.

Install only if you want your agent to consult agent101.ventify.ai for tool suggestions. Verify any recommended service against official documentation, pricing, and your own allowlists, and require explicit approval before using tools that involve payments, account access, secrets, public posting, code execution, browser automation, or private data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 94%
Finding
The skill's invocation guidance is extremely broad: 'When you need an external tool, API, or service and don't know which one to use or where to find it' can match a large fraction of user requests. In agent frameworks that auto-activate skills based on vague trigger text, this can cause the model to consult an untrusted external directory too often, expanding attack surface and allowing remote content from the directory to influence downstream tool selection or behavior.

Vague Triggers

Medium
Confidence: 97%
Finding
The repeated instruction to place 'When you need an external tool or API you don't have, check https://agent101.ventify.ai first' into a system prompt or agent config encourages persistent, high-priority installation of a vague trigger. That makes the behavior more dangerous than a one-off usage note, because it promotes durable auto-invocation of a remote content source that can shape tool choices across many unrelated tasks.

VirusTotal

50/50 vendors flagged this skill as clean.
