AI SDK UI

Security checks across malware telemetry and agentic risk

Overview

This is a coherent AI SDK UI documentation/template skill, but several examples need privacy and XSS hardening before being copied into production.

Install only if you want AI SDK UI examples and are comfortable reviewing templates before production use. Do not copy the unsafe HTML rendering example as-is; sanitize or avoid raw HTML. Add privacy notices and retention controls for chat history, exports, and file attachments, especially when user messages or images may be sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Context-Inappropriate Capability

Severity: Medium
Confidence: 98%
Finding
The documentation recommends transforming message content into HTML and rendering it with dangerouslySetInnerHTML, even though chat content is inherently untrusted and may be model- or user-controlled. dangerouslySetInnerHTML bypasses React's automatic escaping, so this creates a straightforward DOM XSS path if crafted content includes executable markup (an event handler attribute, a javascript: link) or if future formatting rules become more permissive.

Missing User Warnings

Severity: Medium
Confidence: 87%
Finding
The example normalizes sending user chat contents to an API endpoint and upstream model provider without any privacy, consent, retention, or sensitive-data handling guidance. In a UI integration skill, this omission is more concerning because developers may copy the example directly into production-facing chat interfaces, leading to unintended transmission of personal, confidential, or regulated data.

Missing User Warnings

Severity: Medium
Confidence: 85%
Finding
The markdown example renders AI-generated message content without any warning that the content is untrusted. In an AI chat UI skill, omission of safety guidance is significant because developers may enable raw HTML/plugins or assume markdown rendering is always safe, increasing the chance of XSS or unsafe link handling in downstream implementations.
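The two rendering findings above share one fix, shown here as an added example (editor's code, not from the AI SDK UI docs or the AI SDK project): escape the message text first, then add formatting by emitting only tags of our choosing, and accept link targets only on an allowlisted scheme. The resulting string is safe to hand to dangerouslySetInnerHTML because every tag in it was produced here rather than by the model. The mini formatting grammar (backtick code, `**bold**`, `[label](url)`), the allowed schemes and the sample inputs are assumptions made for the illustration.

```javascript
// Added example, not code from the AI SDK UI docs or the AI SDK project.
// Builds the HTML string for a chat message from untrusted text: escape
// everything first, then apply a small allowlisted formatting grammar and
// accept only http(s)/mailto link targets.

const ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
const ALLOWED_SCHEMES = new Set(["http:", "https:", "mailto:"]); // assumed allowlist
const LINK_RE = /\[([^\]]+)\]\(([^)\s]+)\)/g; // [label](target), assumed link syntax

function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (c) => ESCAPES[c]);
}

// Returns a normalized absolute URL, or null for relative, malformed or
// non-allowlisted schemes (javascript:, data:, vbscript:, ...). The WHATWG
// URL parser lowercases the scheme, so "JavaScript:" is caught as well.
function safeHref(url) {
  let parsed;
  try {
    parsed = new URL(url);
  } catch {
    return null;
  }
  return ALLOWED_SCHEMES.has(parsed.protocol) ? parsed.href : null;
}

// Inline formatting runs on already-escaped text, so the only tags that
// can appear in the output are the ones introduced right here.
function renderInline(rawChunk) {
  let html = escapeHtml(rawChunk);
  html = html.replace(/`([^`]+)`/g, "<code>$1</code>");
  html = html.replace(/\*\*([^*]+)\*\*/g, "<strong>$1</strong>");
  return html.replace(/\n/g, "<br>");
}

function renderMessage(text) {
  const src = String(text);
  let out = "";
  let last = 0;
  for (const m of src.matchAll(LINK_RE)) {
    out += renderInline(src.slice(last, m.index));
    const href = safeHref(m[2]);
    const label = escapeHtml(m[1]);
    out += href
      ? `<a href="${escapeHtml(href)}" target="_blank" rel="noopener noreferrer">${label}</a>`
      : label; // rejected target: keep the label as plain text, drop the link
    last = m.index + m[0].length;
  }
  out += renderInline(src.slice(last));
  return out;
}

// Constructed inputs a model or user could plausibly send.
const SAMPLES = [
  "<img src=x onerror=alert(1)>",
  "[click me](JavaScript:alert%281%29)",
  "see the [docs](https://example.com/a?b=1&c=2) and `x<y`",
];
for (const s of SAMPLES) console.log(renderMessage(s));
```

If the page later moves to a real markdown renderer, the same two rules carry over: keep raw HTML passthrough disabled and run link targets through a scheme check like safeHref before they become href attributes.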

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding
The persistence example stores full chat history in localStorage without warning about privacy, retention, and exposure risks. Chat transcripts often contain prompts, secrets, personal data, or tool outputs, and localStorage is readable by any script running on the origin, making this risky in the event of XSS or shared-device access.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The export/import example encourages handling full chat transcripts as JSON without warning that these files may contain sensitive or malicious content. Export can leak confidential data, while import of unvalidated JSON can reintroduce harmful content into the UI or application state and may later trigger unsafe rendering paths.
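One way to make both directions of the export/import example defensible, as an added example (editor's code, not from the AI SDK UI docs or the AI SDK project): export writes only the fields the UI needs, and import treats the file as hostile, enforcing size caps, a version check, a role allowlist and a string type for content, then rebuilding every message from known keys so that unknown fields and prototype-named keys never reach application state. The transcript shape (`version` plus `messages`), the role set and the limits are assumptions for the illustration.

```javascript
// Added example, not code from the AI SDK UI docs or the AI SDK project.
// Export writes only the fields the UI needs; import treats the file as
// hostile and rebuilds every message from an allowlist before it reaches
// application state. Transcript shape, roles and limits are assumed.

const TRANSCRIPT_VERSION = 1;
const ALLOWED_ROLES = new Set(["user", "assistant", "system"]); // assumed role set
const MAX_IMPORT_CHARS = 5 * 1024 * 1024;
const MAX_MESSAGES = 2000;
const MAX_CONTENT_CHARS = 20000;

class ImportError extends Error {}

// Export: drop ids, tool outputs, attachments and anything else not listed.
function exportTranscript(messages) {
  const slim = messages.map((m) => ({ role: m.role, content: String(m.content) }));
  return JSON.stringify({ version: TRANSCRIPT_VERSION, messages: slim });
}

function checkMessage(m, i) {
  if (m === null || typeof m !== "object" || Array.isArray(m)) {
    throw new ImportError(`message ${i}: not an object`);
  }
  if (!ALLOWED_ROLES.has(m.role)) throw new ImportError(`message ${i}: role not allowed`);
  if (typeof m.content !== "string") throw new ImportError(`message ${i}: content must be a string`);
  if (m.content.length > MAX_CONTENT_CHARS) throw new ImportError(`message ${i}: content too long`);
  // Rebuild with known keys only: unknown fields, and keys such as
  // "__proto__" or "constructor" that JSON.parse happily creates as own
  // properties, are dropped instead of being spread into app state.
  return { role: m.role, content: m.content };
}

function parseTranscript(jsonText) {
  if (typeof jsonText !== "string") throw new ImportError("import must be text");
  if (jsonText.length > MAX_IMPORT_CHARS) throw new ImportError("import too large");
  let doc;
  try {
    doc = JSON.parse(jsonText);
  } catch {
    throw new ImportError("invalid JSON");
  }
  if (doc === null || typeof doc !== "object" || Array.isArray(doc)) {
    throw new ImportError("top level must be an object");
  }
  if (doc.version !== TRANSCRIPT_VERSION) throw new ImportError("unsupported transcript version");
  if (!Array.isArray(doc.messages)) throw new ImportError("messages must be an array");
  if (doc.messages.length > MAX_MESSAGES) throw new ImportError("too many messages");
  return { version: TRANSCRIPT_VERSION, messages: doc.messages.map(checkMessage) };
}

// Wrapper that never throws, for UI code that shows the reason to the user.
function safeImport(jsonText) {
  try {
    return { ok: true, transcript: parseTranscript(jsonText) };
  } catch (err) {
    if (err instanceof ImportError) return { ok: false, error: err.message };
    throw err;
  }
}

// Constructed inputs: a clean round-trip, a prototype-key smuggle, a bad role.
const clean = exportTranscript([
  { id: "m1", role: "user", content: "hello", attachments: ["photo.jpg"] },
  { id: "m2", role: "assistant", content: "hi there" },
]);
const smuggled = '{"version":1,"messages":[{"role":"user","content":"x","__proto__":{"admin":true}}]}';
const badRole = '{"version":1,"messages":[{"role":"developer","content":"x"}]}';
for (const t of [clean, smuggled, badRole]) console.log(safeImport(t));
```

Imported content is still untrusted text after this check; it must go through the same escaping render path as live model output, since a crafted transcript is simply another way to put markup in front of the renderer.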

Missing User Warnings

Severity: Medium
Confidence: 69%
Finding
The guide encourages sending file attachments through chat requests without warning that attached content may be transmitted to backend services or third-party model providers. In an AI chat UI skill, that omission increases the risk of accidental disclosure of sensitive files, especially because developers may copy the example directly and expose end users to silent data-sharing behavior.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding
This component persists full chat histories to browser localStorage automatically, which can expose sensitive prompts, model outputs, or personal data to anyone with access to the browser profile or to any script running in the same origin after an XSS compromise. The UI mentions that conversations are saved, but it does not provide explicit consent, retention controls, or safeguards appropriate for potentially sensitive chat content.
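This finding and the earlier localStorage finding call for the same three controls, shown together as an added example (editor's code, not from the AI SDK UI docs or the AI SDK project): persistence is gated on explicit opt-in, a retention window is enforced on both write and read, and secret-looking tokens are redacted before anything is written, because localStorage is readable by every script on the origin. The storage key, the 7-day TTL, the secret patterns and the in-memory stand-in for window.localStorage are assumptions for the illustration.

```javascript
// Added example, not code from the AI SDK UI docs or the AI SDK project.
// A persistence layer that writes chat history only after explicit opt-in,
// expires messages past a retention window, and redacts secret-looking
// tokens before anything reaches localStorage. The storage key, TTL and
// secret patterns are assumptions chosen for this illustration.

const STORAGE_KEY = "chat-history";
const DEFAULT_TTL_MS = 7 * 24 * 60 * 60 * 1000; // 7-day retention

// Token shapes that should never sit in a client-side store: localStorage
// is readable by any script on the origin, so one XSS reads them all.
const SECRET_PATTERNS = [
  /\bsk-[A-Za-z0-9_-]{16,}\b/g,                                  // "sk-" style API keys
  /\bAKIA[0-9A-Z]{16}\b/g,                                       // AWS access key IDs
  /[A-Za-z0-9_-]{20,}\.[A-Za-z0-9_-]{20,}\.[A-Za-z0-9_-]{20,}/g, // JWT-like
  /-----BEGIN [A-Z ]*PRIVATE KEY-----[\s\S]*?-----END [A-Z ]*PRIVATE KEY-----/g,
];

function redactSecrets(text) {
  return SECRET_PATTERNS.reduce((t, re) => t.replace(re, "[REDACTED]"), String(text));
}

class ChatStore {
  // `storage` is anything with the Web Storage API (window.localStorage in a
  // browser); `now` is injectable so retention can be tested deterministically.
  constructor(storage, { consented = false, ttlMs = DEFAULT_TTL_MS, now = Date.now } = {}) {
    this.storage = storage;
    this.consented = consented;
    this.ttlMs = ttlMs;
    this.now = now;
  }

  // Returns false and writes nothing unless the user opted in.
  save(messages) {
    if (!this.consented) return false;
    const cutoff = this.now() - this.ttlMs;
    const rows = messages
      .map((m) => ({ role: m.role, content: redactSecrets(m.content), savedAt: m.savedAt ?? this.now() }))
      .filter((m) => m.savedAt >= cutoff);
    this.storage.setItem(STORAGE_KEY, JSON.stringify(rows));
    return true;
  }

  // Drops expired rows on read and rewrites the store so they are gone for good.
  load() {
    let rows;
    try {
      rows = JSON.parse(this.storage.getItem(STORAGE_KEY) ?? "[]");
    } catch {
      rows = [];
    }
    if (!Array.isArray(rows)) rows = [];
    const cutoff = this.now() - this.ttlMs;
    const fresh = rows.filter((m) => typeof m.savedAt === "number" && m.savedAt >= cutoff);
    if (fresh.length !== rows.length) this.storage.setItem(STORAGE_KEY, JSON.stringify(fresh));
    return fresh;
  }

  clear() {
    this.storage.removeItem(STORAGE_KEY);
  }
}

// In-memory stand-in for window.localStorage so the example runs in Node.
class MemoryStorage {
  constructor() { this.map = new Map(); }
  getItem(k) { return this.map.has(k) ? this.map.get(k) : null; }
  setItem(k, v) { this.map.set(k, String(v)); }
  removeItem(k) { this.map.delete(k); }
}

// Constructed walk-through: no consent, consent with a leaked key, then expiry.
function demo() {
  let clock = 1700000000000;
  const storage = new MemoryStorage();
  const opts = { now: () => clock };
  const wroteWithoutConsent = new ChatStore(storage, opts).save([{ role: "user", content: "hi" }]);
  const store = new ChatStore(storage, { ...opts, consented: true });
  store.save([
    { role: "user", content: "my key is sk-abcdefghijklmnopqrstuvwxyz" },
    { role: "assistant", content: "Noted." },
  ]);
  const stored = store.load();
  clock += 8 * 24 * 60 * 60 * 1000; // 8 days later, past the 7-day window
  const afterExpiry = store.load();
  return { wroteWithoutConsent, stored, afterExpiry, raw: storage.getItem(STORAGE_KEY) };
}
console.log(demo());
```

The redaction list is a last line of defence, not a substitute for the consent gate: anything that still reads as sensitive after redaction (personal data, tool outputs) remains exposed to any script on the origin for as long as the retention window allows, so keep the window short and expose clear() in the UI.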

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The component sends selected image attachments to '/api/chat' without any explicit user-facing notice that files will be transmitted to a backend service for model processing. In a chat UI handling potentially sensitive photos, this can cause unintended disclosure of personal or confidential data because users may interpret the feature as local preview/analysis rather than server-side upload.

VirusTotal

63/63 vendors flagged this skill as clean.
