ClawHub

Git-Map

Security checks across malware telemetry and agentic risk

Overview

The skill does what it claims, but it can change ArcGIS web maps using account credentials through an unauthenticated local server and loosely scoped CLI calls.

Install only if you need ArcGIS web map version control and trust gitmap-core. Use scoped ArcGIS tokens or a limited account, prefer environment variables over per-call passwords, keep the local server stopped when not actively using it, and review any push, pull, branch delete, clone, init, or raw CLI request before allowing it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The skill documents push and pull operations that can modify remote ArcGIS Portal state without clearly warning users about overwrite, synchronization, or unintended publication risks. In an agent setting, this increases the chance that a user or automated workflow invokes state-changing operations without understanding the potential to alter production maps or overwrite others' changes.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
Building credential-bearing CLI flags exposes secrets to process listings, shell history in some integrations, audit logs, and orchestration telemetry that may capture argv. In an agent/skill environment, this is more dangerous because platform logging and multi-tenant observability can leak command-line arguments beyond the immediate process.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal