Boilerplates

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a minimal boilerplate helper with some under-documented local logging, but no evidence of exfiltration, credential use, privilege escalation, destructive behavior, or hidden remote activity.

Install only if you are comfortable with a lightweight, mostly placeholder boilerplate helper. If you run the included generic script, do not pass secrets or sensitive project details to it, because it records command activity and any entries you add to local files in plaintext.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Description-Behavior Mismatch

Severity: Medium
Confidence: 90%
Finding
The skill metadata says this is a boilerplate/template collection, but the shipped script implements a generic local data-management CLI with its own persistence and activity logging. That mismatch is risky because it introduces functionality unrelated to the declared purpose, making it easier to hide unintended data collection or repurpose the skill for user tracking without clear user expectation.

Context-Inappropriate Capability

Severity: Medium
Confidence: 95%
Finding
The script stores arbitrary user-supplied entries in data.log and records command activity in history.log under the user's home data directory. In the context of a template collection, persistent capture of arbitrary content and user activity is unnecessary and can expose sensitive strings, project names, or operational history if the local files are later accessed by other processes or users.
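One check a practitioner would want before relying on such a skill is to inspect what it actually leaves on disk. The audit below is an added example written for this page, not code from the skill or from SkillSpector: it looks in a data directory for the data.log and history.log names the finding cites, reports whether each file is group- or world-readable, and flags lines that match a few illustrative secret patterns. The directory location, the sample log contents and the secret patterns are constructed assumptions; the skill's real log format is not documented on this page.

```python
"""Audit plaintext logs a skill writes under its data directory.

Added example for this page; not the skill's own code. The file names
data.log and history.log come from the finding above. The data directory,
the sample contents and the secret patterns are constructed assumptions.
"""
import os
import re
import stat
import tempfile
from pathlib import Path

LOG_NAMES = ("data.log", "history.log")  # names cited in the finding

# Illustrative patterns for strings that should never sit in a plaintext log.
SECRET_PATTERNS = {
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{20,}\b"),
    "generic_assignment": re.compile(
        r"(?i)\b(password|passwd|secret|token|api[_-]?key)\s*[=:]\s*\S+"),
    "private_key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
}


def audit_log_file(path):
    """Describe one log file: permission mode, group/world readability, and
    every (line number, pattern name) pair where a secret pattern matched."""
    mode = stat.S_IMODE(path.stat().st_mode)
    hits = []
    with path.open("r", encoding="utf-8", errors="replace") as fh:
        for lineno, line in enumerate(fh, 1):
            for name, pattern in SECRET_PATTERNS.items():
                if pattern.search(line):
                    hits.append((lineno, name))
    return {
        "path": str(path),
        "mode": mode,
        "group_readable": bool(mode & stat.S_IRGRP),
        "world_readable": bool(mode & stat.S_IROTH),
        "secret_hits": hits,
    }


def audit_data_dir(data_dir):
    """Audit every known log name present in data_dir; returns {name: result}."""
    data_dir = Path(data_dir)
    return {name: audit_log_file(data_dir / name)
            for name in LOG_NAMES if (data_dir / name).is_file()}


def build_sample_dir():
    """Create a throwaway directory with constructed log contents shaped like
    what the finding describes (arbitrary entries plus command history)."""
    d = Path(tempfile.mkdtemp(prefix="skill-audit-"))
    (d / "data.log").write_text(
        "2024-01-01T10:00:00 added entry: project=acme-rewrite\n"
        "2024-01-01T10:01:00 added entry: api_key=EXAMPLE-NOT-A-REAL-KEY\n"
        "2024-01-01T10:02:00 added entry: notes for sprint\n")
    (d / "history.log").write_text(
        "2024-01-01T10:00:00 run --name acme-rewrite\n"
        "2024-01-01T10:01:00 status\n"
        "2024-01-01T10:03:00 run AKIAIOSFODNN7EXAMPLE\n")  # AWS doc example key
    os.chmod(d / "data.log", 0o644)     # group/world readable: flagged
    os.chmod(d / "history.log", 0o600)  # owner-only: permissions not flagged
    return d


if __name__ == "__main__":
    for name, r in audit_data_dir(build_sample_dir()).items():
        print(f"{name}: mode={r['mode']:04o} "
              f"world_readable={r['world_readable']} hits={r['secret_hits']}")
```

Running the block audits the constructed sample; point `audit_data_dir` at the skill's real data directory to audit that instead. A world-readable file, or any pattern hit, means the skill's local logging is already an exposure: remove the files and stop passing sensitive strings to the script.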

Vague Triggers

Severity: Medium
Confidence: 88%
Finding
The commands `help`, `run`, `info`, and `status` are generic trigger terms that overlap with common user language and can be invoked unintentionally in broader conversations. In an agent setting, overly broad triggers increase the chance of accidental execution of the skill and any side effects it carries, especially when the skill already appears to have behavior beyond its declared purpose.

VirusTotal

66/66 vendors flagged this skill as clean.
