ClawHub

3D Vision and Graphics Research

Security checks across malware telemetry and agentic risk

Overview

The inspected skill materials are disclosed ClawHub maintenance workflows with no malware signals, but they are intended for trusted repo or staff operators.

Install or use these skills only in a trusted ClawHub maintenance environment. Pay special attention before using staff moderation, production migration, email, or autoreview helper flows, because they can affect real users, production data, or local sandbox boundaries when invoked with the needed credentials.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal