Exec ClawHub Publish Doctor

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent publishing troubleshooting helper, but it can use your logged-in ClawHub account to publish and leaves minor diagnostic files in /tmp.

Before running the publish wrapper, confirm the ClawHub account, skill path, slug, version, and changelog because it can publish under your account. Avoid running it on shared machines unless you are comfortable with diagnostic whoami output being written to predictable /tmp files, and install clawhub or gh only from trusted sources.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The script writes the output and error streams of `clawhub whoami` to fixed, predictable paths in `/tmp`, which is a shared world-accessible namespace on many systems. This can expose authentication-related details to other local users and creates symlink/race-condition risk, where an attacker could pre-create those paths to capture sensitive output or cause the script to overwrite unintended files.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal