ClawHub

Zhua Contributor

Security checks across malware telemetry and agentic risk

Overview

This skill is a visible community publishing helper, and its external publishing behavior is purpose-aligned rather than hidden.

Install only if you intend to create or publish OpenClaw community materials. Before any publish or share step, review the package contents for secrets, proprietary code, license issues, and the target registry/account; require explicit user approval before uploading anything.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The manifest description uses broad trigger wording such as 'Use when 爪爪需要向OpenClaw社区贡献、发布技能、或建立影响力', which can cause the agent to invoke this skill in loosely related situations. Because the skill includes external publishing behavior, ambiguous invocation boundaries increase the risk of unintended disclosure or release of user or project content.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill advertises publishing and sharing capabilities without any warning that these actions may disclose code, metadata, or documentation to external parties. In a contribution-oriented skill, omission of disclosure and confirmation requirements makes accidental external release substantially more likely.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The publish step directly instructs uploading a skill to an external registry with '--registry skillhub' but provides no warning, dry-run mode, or confirmation gate. This creates a concrete path to unintended public distribution of proprietary, sensitive, or noncompliant content if the workflow is followed automatically or too eagerly.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal