ClawHub

Ironclaw Pipeline Analytics

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate pipeline analytics skill, but it needs Review because it can query business data, save reports, and set up recurring report generation without clearly scoped user controls.

Review the skill before installing if your workspace contains sensitive CRM, sales, or customer data. Use it only with explicit pipeline datasets, prefer read-only SELECT-style queries, confirm output paths before saving reports, and only create cron jobs when you understand how to disable them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger phrases are broad enough to match generic requests like 'create a report' or 'build a dashboard', which can cause the skill to activate outside narrowly intended CRM analytics use cases. That increases the chance the agent will execute data queries and produce analytics artifacts when the user did not explicitly intend to invoke this skill, creating unnecessary access to workspace data and potential over-collection or disclosure in chat output.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill documents saving reports to workspace files and setting up cron-based automatic generation, but the top-level description does not warn that persistent files may be created or that recurring jobs may continue to run. This can lead to silent persistence of potentially sensitive analytics outputs and unintended ongoing data processing without clear user awareness or consent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal