Tech Debt Scanner

Security checks across malware telemetry and agentic risk

Overview

This appears to be a repo health or technical-debt scanning skill with some under-disclosed live checks, but no evidence of deceptive, destructive, or unrelated behavior.

Install this only if you are comfortable with the agent inspecting your repository, git/dependency metadata, and possibly querying package registries for dependency status. Prefer running it when you explicitly want a repo audit, and review any proposed command before allowing networked dependency checks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The skill explicitly claims it is 'static analysis only' and 'does not execute code or install dependencies', but its documented workflow runs commands like `npm outdated` and `pip list --outdated` that query the live environment and may access package registries. This mismatch can mislead users or higher-level agents into approving or invoking the skill in contexts where network access, environment probing, or non-static behavior is not allowed.

Vague Triggers

Medium
Confidence: 87%
Finding
The trigger phrases are broad enough to overlap with normal code review, refactoring, or planning requests, increasing the chance the skill is auto-invoked when the user did not intend a repo-wide scan. In this skill, unintended invocation matters more because some commands inspect git history and dependency state, and may run live package-manager queries, expanding data exposure and operational side effects.

VirusTotal

65/65 vendors flagged this skill as clean.
