Security audit

Odu

Security checks across malware telemetry and agentic risk

Overview

The skill is not clearly malicious, but it tells the agent to act immediately and avoid normal checks, which needs review before installation.

Install only if you intend to use this for low-risk, clearly bounded tasks. Avoid using it where the agent can modify files, accounts, finances, deployments, messages, or other external state unless you keep approval prompts and stop conditions in place.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly instructs the agent to 'Never break the loop' and 'Never pause to think about it,' which discourages safety checks, clarification, and user confirmation before acting. In an agent context, this can cause autonomous or repeated actions that affect external systems or user data without appropriate guardrails.

Missing User Warnings

Medium
Confidence: 97%
Finding
The workflow says to 'Execute the action — don't second-guess it,' turning a heuristic pattern classification into an automatic action trigger. Because the skill is generic and not scoped to a safe domain, this could drive impactful operations based on arbitrary binary scoring with no validation, warning, or human approval.

Natural-Language Policy Violations

Low
Confidence: 90%
Finding
The instructions to 'say nothing' in one state and 'act immediately' in another suppress normal safety behavior such as explaining risk, asking clarifying questions, or obtaining consent. This makes the skill more dangerous because extreme states explicitly bypass communication and human oversight right when caution is most needed.

VirusTotal

61/61 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.