Agent Marketplace

Security checks across malware telemetry and agentic risk

Overview

This marketplace helper fits its stated purpose, but its skill-install path is under-scoped for safely downloading code-like packages.

Review before installing. Use only with registries and skill sources you trust, prefer HTTPS-only registry URLs, and consider a disposable or scoped cache/install directory because the tool can store marketplace activity locally and its installer design lacks package integrity checks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 85%
Finding
The installer downloads package data from arbitrary HTTP/HTTPS URLs and writes it directly to disk without integrity verification, trust validation, or meaningful safety checks. This is especially dangerous because plain HTTP permits tampering in transit, and even HTTPS alone does not ensure the downloaded package is the expected trusted artifact.

Missing User Warnings

Medium
Confidence: 89%
Finding
The code persistently records per-user installed, searched, viewed, and rated activity to disk in user-preferences.json without any visible consent, minimization, retention, or access-control safeguards in this component. In skill marketplace context, this creates a privacy and security risk because search history and installation/view patterns can reveal sensitive interests and are stored in a local cache directory that may be readable by other local users or bundled into backups/log collections.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.