ClawHub

AIOZ Stream Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a legitimate AIOZ Stream account-management helper, but it gives the agent broad account-changing power and normalizes risky handling of API secrets and deletes.

Install only if you are comfortable letting the agent operate your AIOZ Stream account. Use limited or temporary AIOZ credentials where possible, confirm exact IDs before deletes or retries, rotate any API secret shown in chat, and avoid sharing transcripts that contain keys.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The retry guidance says the agent will automatically guide the user through deleting the failed media object as step 1, but it does not require an explicit confirmation before issuing the destructive DELETE. In a chat-driven agent, this creates a real risk of unintended data loss if the agent interprets a general retry request as authorization to remove an asset the user may want to inspect or preserve.

Ssd 3

Medium
Confidence
97% confidence
Finding
The skill explicitly instructs the agent to display a newly created API key secret in full. In an agent/chat environment, printing secrets into normal output can expose credentials in conversation history, logs, screenshots, integrations, or shared transcripts, turning a one-time secret into a broader compromise risk.

Ssd 3

Medium
Confidence
98% confidence
Finding
This behavior guideline creates a standing rule for the agent to reveal API key secrets in full whenever generated. A persistent instruction like this increases the chance of repeated credential exposure across sessions and makes accidental disclosure part of normal operation rather than an exception.

Ssd 3

Medium
Confidence
98% confidence
Finding
Repeating the instruction to immediately display newly generated secrets reinforces insecure handling of credentials and normalizes disclosure in chat output. Repetition in multiple sections makes the unsafe behavior more likely to be implemented consistently, increasing the exposure surface.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
### ⚠️ How to Retry
Clawbot will automatically guide you through the following steps:

1. Delete the failed media object       →  `DELETE /media/{media_id}`
2. Re-create the media object           →  `POST /media/create`
3. Check transcode cost before retrying →  `GET /media/cost` (verify `is_enough: true`)
4. Re-upload all chunks                 →  `POST /media/:id/part` (one per chunk with MD5)
Confidence
94% confidence
Finding
DELETE /media/{media_id}`

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal