Luke Find Skills

Security checks across malware telemetry and agentic risk

Overview

This skill is a skill finder, but it can steer broad requests into persistent third-party skill installs while skipping install confirmations.

Review this skill before installing. Use it only when you explicitly want to search for or install new skills, inspect the target skill's publisher and repository first, and avoid allowing global `-g -y` installs unless you intentionally want a persistent user-level change without an interactive confirmation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger description is very broad, covering generic requests like 'how do I do X' and 'can you do X'. In an agent environment, this can cause the skill to activate for many ordinary queries and steer users toward discovering or installing third-party skills unnecessarily, increasing exposure to untrusted packages and tool invocation.

Vague Triggers

Medium
Confidence: 92%
Finding
The usage guidance lists ambiguous activation conditions like generalized capability questions and vague expressions of interest in help. This increases the chance of over-triggering, which can redirect routine user interactions into package discovery and installation flows, creating unnecessary supply-chain and consent risks.

Missing User Warnings

Medium
Confidence: 97%
Finding
The documentation tells the agent it can install a skill using a global install and the '-y' flag to suppress confirmation prompts, without any safety warning or requirement for explicit user approval. This is dangerous because it enables silent installation of third-party code from external sources at user scope, magnifying the impact of malicious or mistaken package selection.

VirusTotal

64/64 vendors flagged this skill as clean.