ITIL Ops

Security checks across malware telemetry and agentic risk

Overview

This looks like a legitimate IT operations skill, but it gives agents broad service-change authority and includes a recurring review script with local persistence and unsafe filename handling.

Install only if you want an agent to inspect local operational logs, cron state, health endpoints, and agent memory/state on a recurring basis. Before using it operationally, limit it to report-only mode or define exactly which services and files it may change, require explicit approval for restarts/config edits/cron changes, and fix the shell script's Python filename handling.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Vague Triggers

Medium
Confidence: 84%
Finding
The activation scope is broad enough to match many generic operational-review or troubleshooting requests, which can cause over-invocation of a skill that recommends shell access, log inspection, cron interaction, and service operations. In context, that raises the likelihood the agent applies this skill in situations where a narrower, read-only diagnostic workflow would have been safer.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill recommends operationally impactful actions like restarting services, changing configs, creating cron jobs, and emergency fixes, but it does not prominently warn that these actions can disrupt service or require explicit authorization. In an autonomous agent context, this omission is dangerous because it normalizes service-modifying behavior and may lead to unreviewed production changes or outages.

VirusTotal

66/66 vendors flagged this skill as clean.
