ClawHub

End-to-end encrypted .md documents for agents & humans to collaborate. This is a multiplayer alternative to gog and Google Docs that lets people (via CLI) and agents create, search and sync encrypted markdown docs. This service leverages https://ddocs.new which can be enabled locally or via your preferred cloud set-up to make docs accessible across any device or chatbot interface in complete privacy.

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed encrypted-document connector, but users should treat its share links as secrets and confirm permanent deletes.

Install only with a Fileverse server URL you operate or trust. Do not paste or forward ddoc links unless you intend to grant access, because the link includes key material. Ask the agent to identify the exact document and get confirmation before deleting or overwriting important documents.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill exposes a permanent delete capability and even promotes deletion workflows, but it does not instruct the agent to require explicit user confirmation before invoking that destructive action. In an agent setting, ambiguous prompts like 'delete the old draft' can easily lead to irreversible data loss, especially because the document may also be propagated to external storage systems.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill tells agents to always return the document link, but the documentation elsewhere states that the link contains the encryption key in the URL fragment. Encouraging routine sharing of that full URL without warning effectively treats the decryption secret as a normal output, increasing the risk of accidental disclosure through chat logs, screenshots, browser history sync, or forwarding to unintended recipients.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal