ClawHub

Overkill Mission Control

Security checks across malware telemetry and agentic risk

Overview

This is a powerful remote Mission Control dashboard with persistent services and root proxy setup, but it does not clearly define access controls or safety boundaries.

Review carefully before installing. Keep it localhost-only unless you have verified the actual application source, authentication model, Tailnet ACLs, per-agent permissions, and approval controls. Avoid running the proxy as root where possible, and confirm how to stop, disable, and remove both systemd services.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill explicitly instructs users to expose the dashboard over Tailscale and defines persistent systemd services, but it does not include clear warnings about remote reachability, authentication, or the risks of running long-lived services. In the context of a mission-control dashboard with agent messaging, task execution, documents, and webhooks, network exposure materially increases the attack surface and could enable unauthorized access if the app is not hardened.

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
[Service]
Type=simple
User=root
ExecStart=/usr/bin/sudo /usr/bin/tailscale serve 3000
Restart=always

[Install]
Confidence
94% confidence
Finding
sudo

Session Persistence

Medium
Category
Rogue Agent
Content
{
              "id": "service",
              "kind": "systemd",
              "label": "Create Mission Control systemd service",
              "path": "/etc/systemd/system/mission-control.service"
            },
            {
Confidence
84% confidence
Finding
Create Mission Control systemd service", "path": "/etc/systemd/system/mission-control.service" }, { "id": "tailscale", "kind": "system

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal