ClawHub

CLI-Anything for OpenClaw

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed methodology for inspecting a user-selected project and building or testing a local CLI harness, with expected file and command side effects.

Install this only if you want an agent to inspect a chosen codebase and create or test a CLI harness. Use a version-controlled workspace, confirm any clone, pip install, pytest, or real-application backend command before running it, and review generated files and TEST.md/session state before keeping changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Low
Confidence
93% confidence
Finding
The command explicitly instructs the agent to append test results to TEST.md, but the skill does not clearly warn the user that it will modify files in the workspace. In an agent setting, undocumented write behavior can surprise users, overwrite expected state, or create unwanted commits/artifacts even when the file target is limited and the action is part of normal workflow.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill explicitly instructs the agent to clone arbitrary GitHub repositories, inspect local paths, and create or modify a substantial directory tree, but it does not require prior user confirmation or warn about network access and filesystem side effects. In an agent setting, this can lead to unexpected writes, unintended use of untrusted code sources, and potential damage or contamination of the user's workspace if the target path is sensitive or the repository is malicious.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly accepts a GitHub repository URL or local source path and later instructs the agent to acquire the source tree locally, which can trigger cloning, network access, and filesystem modifications without requiring user confirmation or warning. In an agent setting, that can lead to unexpected external requests, workspace changes, and interaction with untrusted code, increasing the risk of unsafe automation and supply-chain exposure.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal