ClawHub

Airflow Dag Analyzer

Security checks across malware telemetry and agentic risk

Overview

This is a read-only Airflow DAG review skill whose file access is expected for its purpose, though users should point it only at intended DAG paths.

Install only if you want an agent to inspect Airflow DAG code for operational quality. When using it, provide a specific DAG file or dags/ directory, avoid pointing it at an entire home directory or unrelated repository areas, and do not include secrets or sensitive configuration unless needed for the review.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger description includes many broad phrases such as "DAG", "airflow", "review Airflow configuration", and "troubleshoot DAG failures", which can cause the skill to activate for routine engineering requests beyond a clearly bounded Airflow DAG audit. Over-broad activation increases the chance the agent reads large codebases or configuration sets unnecessarily and may override a more appropriate, narrower skill, creating scope confusion and unintended data exposure.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The usage examples use ambiguous prompts like "Review this DAG file for best practices" and "Analyze the Airflow DAGs in /path/to/dags/" without defining boundaries on repository scope, trust boundaries, or what files may be read transitively. In practice this can encourage activation on loosely related requests and broad filesystem scanning, which raises the risk of unnecessary access to sensitive code or configs during analysis.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal