ClawHub

Fzf Fuzzy Finder

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent fzf usage guide, but some optional examples can delete files, kill processes, or change Docker/Kubernetes resources if copied and run carelessly.

Install only if you want fzf command-line help and are comfortable reviewing shell snippets before running them. Avoid or modify the destructive examples to add confirmation, verify Docker and Kubernetes context before running admin commands, and do not add the history replay alias unless you fully understand that it can immediately re-run prior commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The skill is nominally about fuzzy finding, but it also documents interactive workflows for deleting files, killing processes, removing Docker images, deleting Kubernetes pods, and entering containers. In an agent-skill context, bundling high-impact administrative actions into a selection helper increases the chance that users or downstream automation invoke destructive commands without sufficient safeguards or scope validation.

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
The alias `fh='history | fzf | awk "{print \$2}" | xargs -I {} sh -c "{}"'` takes shell history, extracts a field, and re-executes it through `sh -c`. This creates unjustified command-execution capability from prior terminal history, making it easy to replay dangerous or malformed commands and introducing parsing/quoting issues that can execute something other than what the user intended.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The documentation includes destructive patterns like `fzf -m | xargs rm` without any cautionary note, dry-run option, or confirmation step. In a skill consumed by users or agents, presenting destructive one-liners as normal examples materially increases the risk of accidental data loss and unsafe copy-paste execution.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal