ClawHub

用自然语言描述需求 → 自动生成需求文档 → 打开编辑器

Security checks across malware telemetry and agentic risk

Overview

This skill does what it advertises: it creates a local requests.txt file from a coding request and opens it in an editor.

Install only if you want a helper that writes or overwrites requests.txt in the current project and automatically opens a local editor. Use it in the intended project folder, check for an existing requests.txt first, and prefer a future version that removes shell=True or asks before writing and launching the editor.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
try:
        # 尝试直接调用
        subprocess.Popen([editor_path, file_path], shell=True)
        print(f"✅ 已用 {editor_name} 打开")
    except Exception as e:
        # fallback 到系统默认
Confidence
98% confidence
Finding
subprocess.Popen([editor_path, file_path], shell=True)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger conditions are broad enough to match ordinary coding requests such as '帮我写个XXX' or '创建一个YY脚本', which can cause the skill to activate unexpectedly in many normal development conversations. Because the skill then writes a file into the current project and opens an editor, accidental invocation can lead to unintended side effects and user confusion without clear consent.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill states that it will generate requests.txt in the current project directory and automatically open an editor, but it does not warn the user about these side effects before activation. In practice, this can modify a repository or workspace unexpectedly and launch external applications, which is risky in sensitive or automated development environments.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal