Bug Audit

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate bug-audit skill, but review it before installing. Its default audit playbook can push an agent into disruptive live testing (brute-force, replay, flooding and abuse chains) without scope, authorization or safety gates, and its documentation recommends an unauthenticated debug-log endpoint.

Install only for audits of projects and systems you own or are explicitly authorized to test. Keep load, brute-force, replay, upload, and mutation tests in local or staging environments unless production testing is specifically approved, and do not copy the debug-log endpoint into production without authentication, redaction, retention limits, and environment gating.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Severity: Medium
Confidence: 93%
Finding
The README advertises broad activation phrases such as "audit this project for bugs" and a Chinese equivalent without defining scope boundaries, which can cause the skill to trigger in situations where the user did not clearly request this specific capability. In an agentic environment, ambiguous activation increases the chance of unintended tool selection, unnecessary code exposure, or workflow hijacking away from a more appropriate skill.

Vague Triggers

Severity: Medium
Confidence: 95%
Finding
The activation description includes broad phrases like 'audit', 'review', 'check bugs', and 'find vulnerabilities', which can cause the skill to trigger on ordinary requests that merely mention those concepts. Over-broad activation increases the chance this powerful auditing workflow runs in the wrong context, potentially causing unintended file inspection, excessive tool usage, or confusing handoff from a more appropriate skill.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The documentation recommends a remote debugging endpoint that collects client-side error and runtime data and exposes retrieval over a simple HTTP route, but it provides no authentication, access control, retention limits beyond a small in-memory cap, or privacy guidance. In a security-audit skill, readers may copy this pattern directly into production or staging systems, which can leak stack traces, URLs, tokens, user data, or other sensitive diagnostics to unauthorized parties.

Missing User Warnings

Severity: High
Confidence: 97%
Finding
This playbook explicitly instructs auditors to run brute-force, replay, flooding, and abuse chains against every project, but it does not require proof of authorization, defined scope, or safety guardrails. In an agent skill, that omission is dangerous because the content can drive unauthorized or disruptive testing against real systems and normalize offensive actions without consent boundaries.
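The gate below is an added example, not code from the Bug Audit skill or from SkillSpector. It shows the kind of pre-flight check a playbook that runs brute-force, replay, flooding and abuse chains should require before any of them execute: the target must resolve to a host listed in a scope document, the test class must be authorized for that host, and disruptive tests against anything marked production must carry an unexpired approval record. The scope document, its field names, the host patterns and the test-class names are assumptions constructed for the example.

```javascript
// Constructed rules-of-engagement document for this example: which hosts are in
// scope, what environment each is, and which test classes are authorized there.
const SCOPE = {
  engagement: "example-engagement",
  targets: [
    { host: "*.staging.example.test", env: "staging",
      allow: ["brute-force", "replay", "flood", "upload", "mutation"] },
    { host: "api.example.test", env: "production", allow: ["read-only", "replay"] },
  ],
  // Production testing needs a separate, time-boxed approval record; null means none.
  productionApproval: null,
};

const DISRUPTIVE = new Set(["brute-force", "replay", "flood", "upload", "mutation"]);

// "*.example" matches any subdomain but not the bare apex or look-alike suffixes.
function hostMatches(pattern, host) {
  if (pattern.startsWith("*.")) {
    const suffix = pattern.slice(1);
    return host.endsWith(suffix) && host.length > suffix.length;
  }
  return pattern === host;
}

// Decide whether a test of kind `testKind` may run against `targetUrl` right now.
function gate(scope, targetUrl, testKind, nowMs = Date.now()) {
  let host;
  try {
    host = new URL(targetUrl).hostname.toLowerCase();
  } catch {
    return { allowed: false, reason: "target is not a parseable URL" };
  }
  const entry = scope.targets.find((t) => hostMatches(t.host.toLowerCase(), host));
  if (!entry) return { allowed: false, reason: `${host} is not in the authorized scope` };
  if (!entry.allow.includes(testKind)) {
    return { allowed: false, reason: `${testKind} is not authorized against ${host}` };
  }
  if (DISRUPTIVE.has(testKind) && entry.env === "production") {
    const approval = scope.productionApproval;
    if (!approval || !(Date.parse(approval.expires) > nowMs)) {
      return { allowed: false, reason: `production ${testKind} needs an unexpired approval` };
    }
  }
  return { allowed: true, reason: `${testKind} against ${host} (${entry.env}) is in scope` };
}

module.exports = { SCOPE, DISRUPTIVE, hostMatches, gate };
```

The default answer is refusal: an unparseable target, a host outside the list, a test class not granted for that host, or a production host without a live approval all return `allowed: false` with a reason the agent can surface to the user instead of proceeding.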

VirusTotal

63/63 vendors flagged this skill as clean.