Sql Generator

Security checks across malware telemetry and agentic risk

Overview

This SQL helper is a local template generator with a small under-disclosed local history log, but no evidence of exfiltration, credential access, automatic execution, or database mutation.

Install only if you are comfortable running local shell scripts from this publisher. Review generated SQL before using it against production databases, and avoid passing secrets, private query text, tokens, or sensitive file paths to scripts/script.sh because those arguments can be stored in a local history log.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 90%
Finding
The skill advertises a very broad trigger surface ('use when you need sql generator capabilities' / 'Triggers on: sql generator') without clear activation boundaries or user-intent checks. In agent environments, overly broad routing can cause this skill to activate in loosely related contexts and generate or transform SQL unexpectedly, increasing the chance of unsafe database guidance, unintended data manipulation suggestions, or prompt-routing abuse.

Missing User Warnings

Medium
Confidence: 96%
Finding
The script records user-supplied command arguments into a persistent history log without notice, which can capture sensitive information such as file paths, dataset names, tokens, credentials, or query contents. In an agent skill context, command arguments may contain high-value operational data, making silent retention a privacy and security risk if logs are later read by other users, processes, or collected centrally.

VirusTotal

64/64 vendors flagged this skill as clean.
