Crewai

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only CrewAI helper; its examples include powerful optional features, but they are disclosed and fit the stated purpose.

Install this only if you intend to work with CrewAI. Use a virtual environment, review dependency versions, and only enable memory, file-reading, web-scraping, API, or code-execution tools for data and systems you are comfortable exposing. Run code execution in a sandbox and avoid putting secrets into prompts or persistent memory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding:
The skill documents potentially sensitive capabilities such as web scraping, file reading, API/tool use, and memory retention, but does not warn users that these operations may access external content, local data, or persist context beyond a single step. In an agent-orchestration skill, normalizing these capabilities without safety guidance increases the chance that users or downstream agents will expose private data or perform unintended actions.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding:
The example enables memory at both the agent and crew level without warning that retained context may persist across tasks or runs and may include sensitive user data. In multi-agent systems, hidden persistence can unintentionally leak prior prompts, files, or derived insights into later tasks, especially when multiple agents share context.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding:
The skill advertises a code execution tool without any warning about arbitrary code risks, system modification, network access, or data exfiltration. In an agent framework, exposing execution as a standard capability is especially dangerous because LLM-generated actions may run untrusted or user-influenced code with real side effects.

VirusTotal

66/66 vendors flagged this skill as clean.