Ansible

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate Ansible automation skill, but it ships high-impact playbooks together with an inventory of realistic-looking server targets, so running it as documented could modify real remote systems.

Review and replace the bundled inventory before running anything. Use --list-hosts, --check, --diff, and --limit for mutating playbooks; confirm you have console or out-of-band access before SSH/firewall hardening; avoid disabling host key checking; reconsider passwordless sudo; and pin or review external package sources for production.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (8)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill documents playbooks that perform provisioning, security hardening, firewall changes, SSH reconfiguration, package installation, and service restarts, but it does not clearly warn users that these actions modify remote systems and can lock them out or disrupt services. In an agent skill context, lack of an explicit safety warning increases the chance of accidental destructive or availability-impacting execution.

Missing User Warnings

Medium
Confidence
99% confidence
Finding
The troubleshooting advice suggests disabling SSH host key checking without warning that this removes host authenticity verification and enables man-in-the-middle attacks. In infrastructure automation, normalizing `host_key_checking = False` can cause users or agents to trust spoofed hosts and disclose credentials or execute commands on attacker-controlled systems.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The guide explicitly recommends disabling SSH host key checking as a troubleshooting option and labels it only as 'less secure'. Disabling host key verification removes protection against man-in-the-middle attacks and can normalize insecure operational practices, especially in automation where users may copy-paste the command into routine use.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This task grants the deploy user unrestricted passwordless sudo via `NOPASSWD:ALL`, which creates a powerful privilege-escalation path if that account or its SSH key is ever compromised. In an infrastructure automation role, this is especially dangerous because the role also provisions the account and installs its SSH key, making compromise of that identity equivalent to full root access.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
This task downloads a repository signing key over the network and installs it into the system APT trust path using a shell pipeline. While this is a common setup pattern, it changes package trust configuration and relies on a live remote fetch without an integrity check such as a pinned fingerprint or checksum, which increases supply-chain risk if the source, transport, or variable inputs are compromised.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
This task adds an external NodeSource repository to the system package sources, changing where future packages may be installed from. In an infrastructure automation context this is expected behavior, but it still introduces supply-chain exposure because package provenance now depends on a third-party repository and on the unvalidated nodejs_version input used to construct the repo URL.

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
# Option 1: Ask for password
ansible-playbook site.yml --ask-become-pass

# Option 2: Use passwordless sudo on target
# /etc/sudoers.d/myuser:
myuser ALL=(ALL) NOPASSWD:ALL
Confidence
93% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
- common_deploy_ssh_pubkey is defined
  tags: [common, users, ssh]

- name: Allow deploy user passwordless sudo
  ansible.builtin.lineinfile:
    path: "/etc/sudoers.d/{{ common_deploy_user }}"
    line: "{{ common_deploy_user }} ALL=(ALL) NOPASSWD:ALL"
Confidence
90% confidence
Finding
sudo

VirusTotal

62/62 vendors flagged this skill as clean.
