ClawHub

bioinfo-style

Security checks across malware telemetry and agentic risk

Overview

This is a bioinformatics workflow skill that openly uses shell scripts, R Markdown, and Conda/Mamba tooling for reproducible local analysis.

Install this only if you expect the agent to run local bioinformatics commands, create scripts/logs/reports, and possibly create or update Conda/Mamba environments. Review generated commands before running them on valuable data or shared systems, and run analyses in an isolated project directory or environment when possible.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger condition includes broad language such as "any analysis task requiring mature bioinformatics tools," which can cause the skill to activate for loosely related or ambiguous requests. In an agent setting, overbroad activation can lead to unintended shell execution, package installation, and file creation in contexts where the user did not clearly request those actions.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill instructs the agent to write and execute shell scripts for every step, but it does not clearly warn users that this will modify the local environment and filesystem. In practice, this can cause unexpected command execution, creation of scripts and outputs, and changes to working directories or installed tooling without informed consent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The examples include creating new Conda/Mamba environments and installing packages, which are system-affecting operations with storage, network, and dependency side effects. Without a clear warning or approval step, an agent following this skill could perform nontrivial local changes the user did not anticipate.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal