Auto Test Generator

Security checks across malware telemetry and agentic risk

Overview

This test generator does what it claims, but it should be reviewed because it writes and immediately runs test code using an unvalidated skill name.

Install only if you are comfortable reviewing or sandboxing it. Run it only on trusted skill directories, avoid unusual or user-controlled skill names, and expect it to overwrite/create test.js and execute local skill code immediately.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill explicitly states that it creates a new `test.js` file inside another skill's directory and immediately runs that generated code, but the description does not warn users that it modifies files and executes newly created content. This is dangerous because users may invoke it expecting passive analysis, while it actually performs write and execution side effects against a target path, increasing the risk of unintended code execution or repository tampering if the target skill or generation logic is unsafe.

Missing User Warnings

Medium
Confidence: 97%
Finding
The script writes a test file and then executes it via a shell using data derived from the user-supplied skill name, with no confirmation or validation. In this context, the danger is not merely lack of warning: combining arbitrary file-path selection with shell execution can let an attacker target unintended files or inject shell metacharacters through the generated command, resulting in command execution or unsafe modification of repository contents.

VirusTotal

No VirusTotal findings
