Smart Model Router

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This model-routing skill is not malicious, but it needs review because it can automatically send prompts to different cloud models and persist routing/history behavior without clearly explaining privacy, storage, or opt-out controls.

Review this before installing if you work with private code, credentials, customer data, or regulated information. Confirm which providers receive prompts, whether routing happens automatically or after confirmation, what history or analytics are stored, how to disable or delete stored data, and how to undo the shell startup change.

SkillSpector (5)

By NVIDIA

Vague Triggers
Medium
Confidence: 88%
Finding: The routing logic relies on broad, common words like 'issue', 'problem', 'design', or 'approach', which can easily appear in unrelated prompts and silently route requests to the wrong model. In this skill's context, misrouting can expose sensitive prompts to a different provider/model than the user intended, and may degrade reliability or send code/debug data to higher-risk external endpoints.

Missing User Warnings
Medium
Confidence: 91%
Finding: The README advertises routing history, dashboards, and analytics export but provides no warning about what prompt data, metadata, or model selections may be stored or exported. In a router handling arbitrary user prompts, this can create unintended persistence of sensitive content, API usage patterns, or operational data, increasing the risk of local disclosure or accidental sharing.

Vague Triggers
Medium
Confidence: 92%
Finding: The routing logic relies on broad, common words such as 'issue', 'problem', 'design', and 'approach' to infer intent. This can misclassify ordinary prompts and send them to a different model than the user expected, which is risky in a tool whose core function is automatic model selection and may affect privacy, cost, and output quality.

Missing User Warnings
Medium
Confidence: 88%
Finding: The quick-start instructions append a source command to the user's shell startup file without an upfront warning about persistence. Modifying shell initialization files creates lasting changes to the execution environment, and if users do not understand this behavior they may unknowingly enable code execution on every new shell session.

Vague Triggers
Medium
Confidence: 84%
Finding: The description advertises automatic intent detection and model routing in very broad terms, but it does not define what inputs trigger routing, what data is inspected, or what constraints govern model selection. In a routing skill, this ambiguity can cause over-collection of user context, unintended delegation to external models, and unpredictable behavior that increases prompt-injection and privacy risk.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.