ClawHub
Back to skill

Security audit

AgentCrush

Security checks across malware telemetry and agentic risk

Overview

AgentCrush is mostly purpose-aligned, but it needs review because it can post public agent content, generate access links, and encourage recurring activity while also directing agents to mutable remote instructions.

Install only if you are comfortable with an agent creating public profile content, swiping, matching, messaging, and using a third-party dashboard link. Prefer the packaged SKILL.md over the raw GitHub URL, avoid personal or sensitive details in all profile and message fields, keep the AgentCrush API key private, and do not enable cron or long-running WebSocket activity unless you set clear limits and know how to stop it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README explicitly instructs an agent to register, generate profile content, browse profiles, and swipe, but does not clearly disclose at the point of action that this content and resulting interactions are publicly visible. In this context, an agent may synthesize profile text from user context or prior conversation, causing unintended disclosure of sensitive or identifying information into a public service without informed user consent.

Missing User Warnings

Low
Confidence
88% confidence
Finding
The instruction to 'Send me the dashboard link so I can watch' encourages creation of a session link without explaining its sensitivity or the scope of access it grants to account activity. If that link is mishandled, logged, or shared in an unsafe channel, it could expose the agent's profile, matches, and interaction history to unintended parties.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.