ClawHub

Remote Install

Security checks across malware telemetry and agentic risk

Overview

This skill matches its remote Windows installation purpose, but it handles powerful installer and remote-control actions with weak safeguards and logs a remote-access password.

Install only if you intentionally want an agent to control Windows installers and RustDesk sessions. Before use, remove password logging, confirm each exact installer path, avoid broad auto-installing from common folders, use trusted signed installers only, and pin reviewed dependency versions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (10)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
logging.info("静默安装失败,尝试 GUI 自动化...")
        try:
            subprocess.Popen(f'"{installer_path}"')
            time.sleep(3)
            self.handle_installation_gui()
            return {"success": True, "message": "EXE 包通过 GUI 自动化安装"}
Confidence
84% confidence
Finding
subprocess.Popen(f'"{installer_path}"')

subprocess module call

Medium
Category
Dangerous Code Execution
Content
try:
            logging.info(f"执行命令:{cmd}")
            result = subprocess.run(cmd, shell=True, timeout=timeout, capture_output=True, text=True)
            
            if result.returncode == 0:
                logging.info(f"{pkg_type}包安装成功")
Confidence
99% confidence
Finding
result = subprocess.run(cmd, shell=True, timeout=timeout, capture_output=True, text=True)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The configuration uses very generic button labels such as "Next", "OK", "Close", "Agree", and their Chinese equivalents as installation triggers. In any UI automation context, these broad matches can cause the agent to click unrelated dialogs, consent prompts, or security-sensitive windows outside the intended installer flow, creating unsafe unintended actions.

Missing User Warnings

High
Confidence
100% confidence
Finding
The code logs the remote access password in plaintext during connection setup. Log files are commonly accessible to administrators, support tooling, backups, or other local users, so this can leak credentials that grant remote desktop access.

Missing User Warnings

High
Confidence
89% confidence
Finding
The script performs unattended installation and automated clicking of installer dialogs without meaningful confirmation or safety checks. In this skill context, that increases risk substantially because it may accept license prompts, security prompts, or execute unexpected installer flows on local or remote systems.

Unpinned Dependencies

Low
Category
Supply Chain
Content
pyautogui>=0.9.53
pygetwindow>=0.0.9
pywinauto>=0.6.8
Pillow>=9.0.0
Confidence
93% confidence
Finding
pyautogui>=0.9.53

Unpinned Dependencies

Low
Category
Supply Chain
Content
pyautogui>=0.9.53
pygetwindow>=0.0.9
pywinauto>=0.6.8
Pillow>=9.0.0
Confidence
93% confidence
Finding
pygetwindow>=0.0.9

Unpinned Dependencies

Low
Category
Supply Chain
Content
pyautogui>=0.9.53
pygetwindow>=0.0.9
pywinauto>=0.6.8
Pillow>=9.0.0
Confidence
93% confidence
Finding
pywinauto>=0.6.8

Unpinned Dependencies

Low
Category
Supply Chain
Content
pyautogui>=0.9.53
pygetwindow>=0.0.9
pywinauto>=0.6.8
Pillow>=9.0.0
Confidence
97% confidence
Finding
Pillow>=9.0.0

Known Vulnerable Dependency: Pillow — 10 advisory(ies): CVE-2016-2533 (Pillow buffer overflow in ImagingPcdDecode); CVE-2023-50447 (Arbitrary Code Execution in Pillow); CVE-2021-27922 (Pillow Uncontrolled Resource Consumption) +7 more

Critical
Category
Supply Chain
Confidence
98% confidence
Finding
Pillow

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal