Lead Enricher - Explorium AgentSource

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Explorium lead-enrichment skill, but it needs Review because it handles API keys and sensitive lead/contact data with weak local containment.

Install only if you are comfortable using your Explorium account for lead enrichment and sending search filters, entity IDs, and matching records to Explorium. Prefer setting EXPLORIUM_API_KEY yourself rather than typing it into setup.sh, avoid call_reasoning for confidential searches, use private output locations for CSVs, and delete /tmp/agentsource_*.json files after runs that contain sensitive contacts or imported customer/prospect lists.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 85%
Finding
The trigger description is very broad and overlaps with common business-research requests such as market research, export to CSV, and finding companies or people. Over-broad invocation can cause the skill to activate unexpectedly, leading to unintended external API calls, use of stored credentials, and transmission of user queries or uploaded list data to a third party.

Missing User Warnings

Medium
Confidence: 96%
Finding
The CLI writes full API results containing potentially sensitive company/contact data to predictable filenames in /tmp based only on a timestamp and command name. On multi-user systems or environments where /tmp is shared, other local users or processes may read, race, or pre-create these files, causing data disclosure or file clobbering because secure temporary-file creation and restrictive permissions are not used.

Missing User Warnings

Medium
Confidence: 92%
Finding
The CSV export command writes fetched or enriched data to any caller-supplied path without warning or safeguards, which can persist sensitive prospect/company records to broadly accessible locations. In this skill context, the exported dataset may include personal/business intelligence, so silent export increases the risk of accidental disclosure, syncing to shared folders, or insecure downstream handling.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill documentation explicitly describes enrichment features that return personal email addresses and phone numbers for prospects, but it provides no privacy, consent, or lawful-use guidance. In a B2B lead-generation context, this omission increases the risk that users will collect and export sensitive personal contact data for spam, unlawful outreach, or noncompliant processing.

VirusTotal

61/61 vendors flagged this skill as clean.
