ClawHub

URnetwork

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent proxy/VPN helper, but it asks agents to handle and reuse a bearer token and can provision proxy access too broadly.

Install only if you intend to let an agent use your URnetwork account to create proxy sessions. Treat auth codes and JWTs as secrets, avoid storing them in plain text or logs, rotate them if exposed, and require explicit confirmation before creating proxies, especially any bulk egress-IP/provider loop.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (8)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly instructs the agent to obtain a user auth code, exchange it for a JWT, and then store and reuse that JWT without any warning about credential sensitivity, storage protections, scope minimization, or user consent for reuse. Because this token is then used against external endpoints to provision proxy access, compromise or over-retention of the JWT could enable unauthorized network use and privacy exposure.

External Transmission

Medium
Category
Data Exfiltration
Content
When using the API or MCP server, the user JWT must be passed in an `Authorization: Bearer <JWT>` header.

To get the JWT, ask the human for an auth code, and then convert that auth code to a JWT using the API `/auth/code-login` route. An example curl is below, piped to jq to extract the by_jwt property from the result:

```
curl -X POST https://api.bringyour.com/auth/code-login -d '{"auth_code": "<AUTH CODE>"}' | jq ".by_jwt"
Confidence
89% confidence
Finding
curl is below, piped to jq to extract the by_jwt property from the result: ``` curl -X POST https://api.bringyour.com/auth/code-login -d

External Transmission

Medium
Category
Data Exfiltration
Content
Step 3, create a proxy using the saved country code using the /network/auth-client route and setting the proxy_config.initial_device_state to have country_code.

```
curl -X POST -H 'Authorization: Bearer <JWT>' https://api.bringyour.com/network/auth-client -d '{"proxy_config": {"initial_device_state": {"country_code": "<COUNTRY CODE>"}}}'
```
Confidence
82% confidence
Finding
curl -X POST -H 'Authorization: Bearer <JWT>' https://api.bringyour.com/network/auth-client -d '{"proxy_config": {"initial_device_state": {"country_code": "<COUNTRY CODE>"}}}' ``` ## Using the API t

External Transmission

Medium
Category
Data Exfiltration
Content
Step 3, create a proxy using the saved location_id using the /network/auth-client route and setting the the proxy_config.initial_device_state.location to have connect_location_id.location_id.

```
curl -X POST -H 'Authorization: Bearer <JWT>' https://api.bringyour.com/network/auth-client -d '{"proxy_config": {"initial_device_state": {"location": {"connect_location_id":{"location_id": "<LOCATION ID>"}}}}}'
```
Confidence
82% confidence
Finding
curl -X POST -H 'Authorization: Bearer <JWT>' https://api.bringyour.com/network/auth-client -d '{"proxy_config": {"initial_device_state": {"location": {"connect_location_id":{"location_id": "<LOCATION

External Transmission

Medium
Category
Data Exfiltration
Content
Step 4, by looping over each client_id in the list, create a proxy using the client_id using the /network/auth-client route and setting the the proxy_config.initial_device_state.location to have connect_location_id.client_id.

```
curl -X POST -H 'Authorization: Bearer <JWT>' https://api.bringyour.com/network/auth-client -d '{"proxy_config": {"initial_device_state": {"location": {"connect_location_id":{"client_id": "<CLIENT ID>"}}}}}'
```
Confidence
85% confidence
Finding
curl -X POST -H 'Authorization: Bearer <JWT>' https://api.bringyour.com/network/auth-client -d

External Transmission

Medium
Category
Data Exfiltration
Content
Step 3, create a proxy using the saved country code using the /network/auth-client route and setting the proxy_config.initial_device_state to have country_code.

```
curl -X POST -H 'Authorization: Bearer <JWT>' https://api.bringyour.com/network/auth-client -d '{"proxy_config": {"initial_device_state": {"country_code": "<COUNTRY CODE>"}}}'
```
Confidence
82% confidence
Finding
https://api.bringyour.com/

External Transmission

Medium
Category
Data Exfiltration
Content
Step 3, create a proxy using the saved location_id using the /network/auth-client route and setting the the proxy_config.initial_device_state.location to have connect_location_id.location_id.

```
curl -X POST -H 'Authorization: Bearer <JWT>' https://api.bringyour.com/network/auth-client -d '{"proxy_config": {"initial_device_state": {"location": {"connect_location_id":{"location_id": "<LOCATION ID>"}}}}}'
```
Confidence
82% confidence
Finding
https://api.bringyour.com/

External Transmission

Medium
Category
Data Exfiltration
Content
Step 4, by looping over each client_id in the list, create a proxy using the client_id using the /network/auth-client route and setting the the proxy_config.initial_device_state.location to have connect_location_id.client_id.

```
curl -X POST -H 'Authorization: Bearer <JWT>' https://api.bringyour.com/network/auth-client -d '{"proxy_config": {"initial_device_state": {"location": {"connect_location_id":{"client_id": "<CLIENT ID>"}}}}}'
```
Confidence
85% confidence
Finding
https://api.bringyour.com/

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal