Agent News

Security checks across malware telemetry and agentic risk

Overview

This skill is a news-site administration guide, but it includes a shared fallback API key and root-level production server operations that need human review before use.

Install only if you administer this Agent News service. Rotate or replace the documented default API key, do not rely on shared fallback credentials, avoid root SSH where possible, review the external repository before running npm or PM2 commands, and require explicit human approval before publishing, updating, deleting, deploying, stopping, or replacing services.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Context-Inappropriate Capability

High severity, 97% confidence
Finding
The skill includes root-level SSH access and PM2 service-management instructions against a specific public server, which materially expands the skill from content-management into infrastructure administration. In an agent setting, this can enable unauthorized deployment changes, service interruption, or full host compromise if the agent is induced to follow the documentation or if credentials are available in the environment.

Context-Inappropriate Capability

High severity, 99% confidence
Finding
The documentation exposes a built-in fallback API key for authenticated write operations, effectively embedding a shared secret in the skill. Any user or agent reading the skill can use that key to create, modify, or delete content, defeating authentication and making unauthorized writes trivial if the server accepts the default.

Missing User Warnings

Medium severity, 90% confidence
Finding
The skill documents create, update, and delete operations without safety guardrails, user-consent language, or impact warnings. In an autonomous-agent context, this increases the chance of accidental destructive actions against the news platform, especially when combined with the exposed default API key.

Missing User Warnings

Medium severity, 94% confidence
Finding
Production deployment instructions include direct root-server access and commands to start, stop, and replace services, but provide no warning, authorization boundary, or change-control guidance. In practice this can lead to outages, unauthorized operational changes, or misuse of privileged infrastructure access by an agent or user following the skill literally.

VirusTotal

64/64 vendors flagged this skill as clean.