ClawHub

git-mender

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed GitHub issue-fixing workflow that can edit local code and open pull requests only after user approval.

Install this only if you want an agent that can modify a local checkout and use your existing GitHub CLI account for GitHub operations. Review the diff before approving commit, push, fork, or PR creation, and be cautious running it on untrusted repositories because project tests and linters can execute repository code.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The manifest description states that the skill will automatically fix issues, analyze code, and submit pull requests, but it does not warn users that it may make repository changes and initiate outbound actions on their behalf. In an automation skill that can read repository state and produce code changes, lack of clear disclosure increases the risk of users invoking it without understanding that it may modify code and create PRs, leading to unintended changes or trust abuse.

Vague Triggers

Low
Confidence
81% confidence
Finding
The description is broadly framed as automatically fixing GitHub issues without clearly constraining when it should be invoked or what prerequisites must be met. Overly broad invocation language can cause the skill to trigger in situations where the user did not intend full repository analysis and automated remediation, increasing the chance of inappropriate automation and accidental code modification.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal