ClawHub

ic-search

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed electronic-component lookup tool, but users should know it sends search queries to an external supplier API over unencrypted HTTP.

Install only if you are comfortable sending component part numbers, quantities, and procurement intent to the listed supplier service. Avoid confidential BOMs, customer-specific sourcing requests, or sensitive purchasing plans unless the publisher moves the API to HTTPS and narrows/clarifies when external lookups occur.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger conditions are broad enough to activate on ordinary discussion of parts, pricing, inventory, or quantities, which can cause unintended invocation of the skill. Because the skill sends user-provided search content to an external third-party endpoint, over-triggering increases the chance of unnecessary data disclosure and unintended network actions.

Vague Triggers

Low
Confidence
81% confidence
Finding
The usage section includes generic command patterns such as broad search phrasing that lack clear boundaries, making accidental matches more likely. On its own this is a lower-severity issue, but in this skill it still matters because any mistaken activation results in an outbound request containing the user's query.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill sends search queries to a third-party API over plain HTTP and places the full search content in the URL query string, but does not warn users. This exposes potentially sensitive part numbers, procurement intent, quantities, or business context to interception, logging by intermediaries, browser/tool history, and server logs.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation instructs clients to send user-controlled search content in a GET query string over plain HTTP, which exposes the query to network observers and to logging systems such as proxies, browser history, and server access logs. Because the documented use case includes part numbers and procurement requests, the skill context increases the sensitivity: business search intent and supplier activity may be leaked even if the payload is not obviously secret.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The script sends user search terms to a remote API over plain HTTP, which exposes the full query to passive network observers and allows active attackers to tamper with responses in transit. Because this is a test client that may be used with real part numbers or procurement-related queries, the skill context makes the issue more meaningful rather than less, even though it does not directly handle passwords or obvious secrets.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal