C++ Code Review Master

Security checks across malware telemetry and agentic risk

Overview

This is a C++ code review helper that reads source code and can optionally use AI review or apply fixes, with those higher-impact behaviors mostly disclosed.

Install only if you are comfortable with a skill reading repository code and optionally changing files. Keep local-only mode for sensitive or regulated code, review any dependent fixer or paid/API-backed skills separately, and leave autoFix disabled unless the project is under version control and you intend to inspect the resulting diff.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence: 91%
Finding: The handbook explicitly supports use of `ANTHROPIC_API_KEY` and a remote model provider, which means source code under review may be transmitted to third-party services. That creates a real confidentiality and data-governance risk, especially for proprietary code, secrets embedded in files, or regulated environments, even if the feature is optional.

Intent-Code Divergence

Medium
Confidence: 83%
Finding: The handbook emphasizes local, network-free static analysis and a safety-oriented posture, but elsewhere normalizes bundled skills that may perform external API calls. That inconsistency can mislead users about the actual trust boundary and network behavior, increasing the chance they expose code or credentials under false assumptions.

Description-Behavior Mismatch

Medium
Confidence: 93%
Finding: The workflow materially expands the skill from passive code review into active code modification by invoking automatic fixes, but that capability is not clearly reflected in the skill description. This mismatch can cause users or orchestrators to grant review-level trust to a skill that may alter source code, increasing the risk of unintended or unsafe changes.

Intent-Code Divergence

Medium
Confidence: 95%
Finding: Labeling the step as verification while the documented behavior includes executing automatic fixes is a deceptive, or at least misleading, control-flow description. In an agent setting, this can bypass user expectations and safety policies by making a state-changing action appear to be a read-only validation step.

VirusTotal

64/64 vendors flagged this skill as clean.
