Security audit

多平台数据聚合

Security checks across malware telemetry and agentic risk

Overview

The skill describes normal public data aggregation, but it publishes a token-like credential and says it is required, so users should review it before installing.

Do not use the embedded token. Install only after the publisher removes the token, revokes or rotates it if real, and documents any required credentials through a secure user-provided configuration path with clear scope and permissions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Context-Inappropriate Capability

High

Confidence: 99% confidence
Finding: The skill embeds a hardcoded ClawHub token directly in the manifest, which exposes a live credential to anyone who can view or copy the file. This is dangerous because the token is unrelated to user-provided runtime input and can be reused for unauthorized API access, abuse of connected platform permissions, data exfiltration, or billing/resource consumption.

VirusTotal

53/53 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.