InterClaw

Security checks across malware telemetry and agentic risk

Overview

InterClaw has a coherent email/PGP coordination purpose, but it asks users to trust missing helper scripts with mailbox credentials, PGP signing authority, persistent archives, and optional background mail handling.

Review this before installing. Use only a dedicated email account, app-specific SMTP/IMAP passwords, and a dedicated PGP key. Avoid passing passwords directly on the command line. Do not enable cron/systemd polling or auto-ACK behavior unless you want ongoing background mail processing. Most importantly, install only from a complete source package where the referenced scripts are present, pinned, and reviewed, because this ClawHub artifact does not include the executable code that would handle your credentials and mail.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium, 97% confidence
Finding
The README instructs users to pass SMTP and IMAP passwords directly as command-line arguments. On multi-user systems or in CI/shell histories, these secrets may be exposed through process listings, shell history, logs, or monitoring tools, leading to credential compromise of the mailbox used for agent coordination.

Missing User Warnings

Medium, 83% confidence
Finding
The setup instructions direct users to pass SMTP/IMAP passwords on the command line (for example via `--smtp-pass` and `--imap-pass`) without warning that command-line arguments may be exposed through shell history, process listings, logs, or audit trails. In a security-focused email/PGP skill, this is especially risky because it handles long-lived mailbox credentials that could let an attacker read, send, or tamper with inter-agent communications.

Missing User Warnings

Medium, 95% confidence
Finding
The protocol includes `X-Agent-Secret` as a shared secret transmitted in message content and describes it as a rotating authentication value, but does not warn that this creates credential exposure and replay risk. Even if some messages are signed or encrypted, placing a reusable shared secret in protocol messages expands the blast radius of mailbox compromise, archive leakage, logging exposure, and accidental plaintext transmission in non-encrypted message classes.

Missing User Warnings

Medium, 88% confidence
Finding
The protocol specifies persistent storage of conversations, sent archives, received messages, logs, pending ACKs, and configuration under `~/.interclaw/` without warning users that sensitive content and metadata may be retained locally for long periods. In this skill context, the system is explicitly intended for agent coordination and may carry keys, configs, PII, and operational details, so undocumented retention materially increases the risk from host compromise, backups, multi-user systems, and forensic recovery.

VirusTotal

64/64 vendors flagged this skill as clean.
