ALab Skills

Security checks across malware telemetry and agentic risk

Overview

ALab Skills is a coherent guide for using a powerful local experiment-management CLI, with its root, project, and worker privileges disclosed and scoped.

Install this only if you intend to use ALab and trust the external `alab-cli` package. Keep root, project-admin, and worktree tokens separated, avoid passing secrets through prompts or logs, and review destructive ALab operations such as revoke, remove, prune, or regenerate before approving them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Severity: Medium
Confidence: 88%
Finding: The skill enables implicit invocation without any visible trigger constraints or scoping, which can cause the agent to auto-select this worker in situations the author did not intend. Because this skill is designed to inspect evidence, modify experiment worktrees, run evaluations, and submit results, accidental or overly broad invocation can lead to unintended code changes, execution, or submissions.

Vague Triggers

Severity: Medium
Confidence: 95%
Finding: The manifest enables implicit invocation for a highly privileged admin skill using a broad description such as administering ALab homes and root operations, but it provides no narrow trigger conditions or guardrails. This increases the chance the agent will auto-select the skill in ambiguous contexts and perform privileged actions without an explicit user confirmation boundary, creating a real risk of overreach or destructive root-level operations.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding: The skill advertises administration of ALab homes and root operations but does not present any user-facing warning that the skill is privileged and may make destructive or security-sensitive changes. In this context, the absence of a warning is significant because users and upstream agents may invoke it without appreciating the elevated risk, making accidental misuse more likely.

Vague Triggers

Severity: Medium
Confidence: 91%
Finding: The agent configuration enables implicit invocation with no visible trigger constraints, approval gates, or exclusion conditions. In a controller skill that can create experiments, launch worker sessions, and summarize project evidence, automatic invocation increases the chance the skill is activated in unintended contexts, which can broaden authority use and cause unreviewed orchestration actions.

VirusTotal

65/65 vendors flagged this skill as clean.