Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cyber Kev Triage

v0.1.0

Prioritize vulnerability remediation using KEV-style exploitation context plus asset criticality. Use for CVE triage, patch order decisions, and remediation...

0· 385·2 current·2 all-time
by Muhammad Mazhar Saeed (@0x-professor)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description (KEV-style triage) matches the provided artifacts: a scoring method, guidance doc, and a Python script that ingests vulnerabilities/assets and produces prioritized output. No unrelated credentials, binaries, or resources are requested.
Instruction Scope
SKILL.md instructs the agent to run the bundled script and read the included triage-method. The script only reads the provided input file, maps assets, computes scores, and writes an output artifact; it does not access other system paths, environment variables, or external endpoints. Guardrails in SKILL.md (no exploit payload generation) align with the code.
Install Mechanism
Instruction-only skill with no install spec. The only executable is a bundled Python script; there are no downloads or external packages installed by the skill.
Credentials
No required environment variables, credentials, or config paths are declared or used. The script accepts an input file path and an output path only, which is proportionate to the triage function.
Persistence & Privilege
The skill is not marked always:true and does not modify other skills or system-wide settings. It runs on demand and does not request elevated persistence.
Assessment
This skill looks coherent and runs locally on a provided JSON payload; it does not request keys or make network calls. Before use: (1) review the script yourself (it's short and readable) and run it in a controlled environment, (2) ensure input JSON is from a trusted source (it may contain sensitive asset data), (3) choose safe output paths to avoid overwriting important files, and (4) confirm the scoring thresholds and criticality mappings match your organization's policy. The code has some basic input assumptions (e.g., CVSS parsed as a float); malformed fields may raise errors, so validate inputs first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c7jxsw92s60yx75fa0ctc5h81w6da
