Has Anonymizer

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent local anonymization tool, with the main caution that its mapping files and optional evaluation artifacts can contain the original sensitive data.

Install only if you are comfortable downloading the declared models and Python dependencies. Treat mapping JSON files as secrets because they can restore the original sensitive text, and avoid running the reference evaluation script on real private data unless you are prepared for originals and mappings to be saved in its work directory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 85%
Finding
The evaluator writes original input text, restored text, and raw command outputs to disk under the work directory. Because this skill is specifically for anonymizing sensitive text, test cases and outputs can contain PII or re-identified content, so artifact persistence can leak exactly the data the tool is meant to protect.

Missing User Warnings

Medium
Confidence: 92%
Finding
Saving mapping.json and detailed command artifacts can expose the anonymization mapping between placeholders and real sensitive values, defeating the privacy boundary of the anonymizer. In this skill context, that mapping is especially sensitive because anyone with access to it can restore anonymized outputs back to the original secrets or identifiers.

Missing User Warnings

Medium
Confidence: 89%
Finding
The scan command sends raw chunk text to `client.chat(messages)` for NER processing, which means potentially sensitive user content leaves the local process and is transmitted to a remote model/service. In the context of an anonymization/privacy skill, this is especially risky because users may reasonably expect scanning for sensitive data to happen locally or, at minimum, with explicit disclosure before any outbound transmission.

VirusTotal

56/56 vendors flagged this skill as clean.
