Virtual Box Manager

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill is aligned with managing VirtualBox VMs, but its helper script builds shell commands from unescaped VM names and paths, which could allow unintended local command execution.

Install only if you want OpenClaw to manage local VirtualBox VMs. Confirm before deleting, powering off, cloning, changing networking, or adding shared folders. The helper script should be fixed to avoid shell-string execution before relying on it with untrusted VM names or file paths.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

66/66 vendors flagged this skill as clean.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the helper is used with a malicious or malformed VM name, snapshot name, disk path, or similar value, the agent could run commands on the host outside the intended VirtualBox operation.

Why it was flagged

The script uses child_process.exec, which runs the command through a shell, and builds that command by interpolating caller-controlled values such as VM names. Wrapping a value in double quotes is not sufficient escaping, so a crafted name or path containing shell metacharacters could execute unintended local commands.

Skill content

const { stdout, stderr } = await execAsync(`${VBOXMANAGE} ${args}`);
...
await vboxCommand(`showvminfo "${vmName}" --machinereadable`);
Recommendation

Replace shell-string execution with execFile or spawn using an argument array, validate numeric parameters, and escape or reject quotes and shell metacharacters in all names and paths.

What this means

A mistaken or premature action could delete VM data, interrupt running systems, expose a service on the network, or share sensitive host files with a guest VM.

Why it was flagged

The documented commands can hard-stop VMs, delete VM files, change host/guest networking, and expose host folders to a VM. These capabilities are expected for a VirtualBox manager, but they are high-impact local operations.

Skill content

VBoxManage controlvm "VM_NAME" poweroff
...
VBoxManage unregistervm "VM_NAME" --delete
...
VBoxManage modifyvm "VM_NAME" --nic1 bridged
...
VBoxManage sharedfolder add "VM_NAME" --name "share" --hostpath "/path/on/host"
Recommendation

Use the skill only with explicit confirmation for destructive or network-affecting actions, and review the exact VM name, file path, and command before execution.