ClawHub

Stainless Chain Analyzer

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only business analysis skill; its main caution is to use approved sources and authorized customer data.

Before installing or using it, confirm that any company names, customer IDs, payment history, credit data, or due-diligence queries may be shared with the market-data, business-record, API, or web-search providers you choose to use. The skill itself is just guidance and does not install code or store data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill explicitly describes collecting customer risk data such as litigation, credit, and business records from external sources, but it provides no notice that customer identifiers or queries may be sent to third-party services. This creates a real privacy and compliance risk because users may submit identifiable company or customer data without understanding that it will be disclosed externally.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The documented data sources include external APIs, commercial databases, and web/news search providers, yet the skill does not warn users that their prompts, company names, customer IDs, or other business-sensitive inputs may be transmitted to those services. In a business intelligence context, this can expose confidential customer relationships or due-diligence activity to third parties and create regulatory or contractual issues.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal