Auto Evolution (Hybrid Mode)

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent but should be reviewed because it is designed for recurring unattended multi-agent task execution in a user's workspace.

Install only if you intentionally want unattended agents working through task files. Use an isolated workspace, a low-privilege coordinator agent, and no production credentials; manually review the task JSON and generated prompts; and remove the cron/heartbeat jobs when the work is done.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence: 91%
Finding
The README promotes autonomous agent execution and automatic packaging with marketing language like 'build things while you sleep' but does not clearly warn users that the system may modify files, generate code, and change workspace state without direct per-action approval. In a multi-agent system that spawns executor roles and writes outputs into the workspace, omission of these warnings materially increases the chance of unsafe deployment or accidental destructive changes.

Missing User Warnings

Medium
Confidence: 94%
Finding
The cron configuration instructs users to schedule recurring autonomous processing every 5 minutes, but it does not explicitly warn that this creates persistent unattended execution. In the context of a coordinator that spawns sub-agents to review, execute, audit, and package tasks, timer-driven repetition can amplify mistakes, cause repeated workspace modifications, and make unsafe behavior continuous rather than one-off.

VirusTotal

65/65 vendors flagged this skill as clean.
