OpenSpace Delegate Task

Security checks across malware telemetry and agentic risk

Overview

This skill is not clearly malicious, but it routes work to an external autonomous system with cloud search, auto-import, and public sharing paths that need review before use.

Install only if you trust the configured OpenSpace MCP server and its cloud skill ecosystem. Use local-only search for sensitive work when possible, require explicit approval before delegating tasks that can change systems or accounts, disable or avoid automatic cloud imports if available, and carefully inspect evolved or fixed skills before any upload, especially public upload.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Vague Triggers

Medium (85% confidence)
The delegation criteria are overly broad and can cause routine tasks to be sent to OpenSpace without strong necessity or user awareness. In this skill's context, delegation may trigger external tool use, cloud skill search, and autonomous execution, increasing the chance of unnecessary data exposure and excessive agent authority.

Missing User Warnings

High (96% confidence)

The skill does not clearly warn that task content and search queries may be transmitted to local+cloud sources via `execute_task` and `search_skills`. Because the skill advertises cloud community sharing and defaults to `all`, users or upstream agents may unknowingly send sensitive instructions, code, infrastructure details, or credential-derived context to third-party services.

Missing User Warnings

High (97% confidence)
The upload guidance encourages public sharing of evolved or fixed skills without an explicit warning that skills may embed sensitive project logic, internal URLs, credentials, environment details, or proprietary workflows. Since this skill supports auto-evolution and community upload, the absence of a privacy gate materially increases the risk of accidental exfiltration to the cloud community.

VirusTotal

60/60 vendors flagged this skill as clean.
