ClawHub

FastapiAdmin WSL 自动部署

Security checks across malware telemetry and agentic risk

Overview

This FastapiAdmin WSL2 deployment skill is coherent, but it tells an agent to make broad privileged system changes without enough safeguards.

Use this only in a fresh or disposable WSL2 Ubuntu environment, or after backing up Nginx and confirming no existing local services depend on it. Review the cloned repositories and dependency files, replace the default database password, and split privileged Nginx changes into manual review and confirmation steps before installing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill description is broadly scoped to generic FastapiAdmin deployment requests, which can cause over-activation in contexts where the user did not explicitly consent to invasive system changes. Because the skill performs package installation, service startup, configuration replacement, and network exposure, accidental activation materially increases the chance of unsafe modifications.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
These instructions overwrite the global Nginx configuration and remove the default site without an explicit warning, backup step, or confirmation gate. In a real environment this can disrupt existing services, break unrelated virtual hosts, and cause denial of service through misconfiguration.

Missing User Warnings

Medium
Confidence
99% confidence
Finding
The skill creates a database account with a predictable hard-coded password and grants it full privileges on the application database, without any security warning or prompt to change it. Default credentials are a common compromise vector and become especially risky if MySQL is later exposed beyond localhost or reused in other environments.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal