ClawHub

gitlab-commit-report

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it collects GitLab group push activity from a logged-in browser session and writes local daily reports, but users should handle the stored workplace activity data carefully.

Install only if you are authorized to collect activity for the configured GitLab group. Protect or periodically delete the generated JSON and Markdown files, be deliberate before enabling cron collection, verify config.json before running, and use report dates in YYYY-MM-DD form until path validation is added.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
82% confidence
Finding
The README explicitly describes reusing an authenticated browser session to collect GitLab group activity and storing raw push-event data locally, but it provides no warning about privacy, retention, access control, or consent expectations. This can lead operators to deploy the skill in ways that expose employee activity data, commit metadata, or internal repository information without adequate safeguards, especially when combined with cron-based unattended collection.

Missing User Warnings

Low
Confidence
88% confidence
Finding
The skill persists raw commit activity into dated JSON files but does not prominently warn users that repository names, authors, commit IDs, messages, and timestamps will be stored on disk. This can lead to unintended retention of sensitive internal development data, especially on shared machines or systems with backups and broad filesystem access.

Known Vulnerable Dependency: axios==1.6.0 — 10 advisory(ies): CVE-2025-62718 (Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF); CVE-2026-42044 (Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget in `pars); CVE-2026-25639 (Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig) +7 more

High
Category
Supply Chain
Confidence
98% confidence
Finding
axios==1.6.0

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal