A2a Code Audit

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real code-audit skill, but it uses broad activation phrases for a paid third-party code-scanning endpoint and does not clearly require consent before code is sent out.

Review before installing. Use this only when you explicitly want A2A Code Audit to scan the code, and confirm that proprietary code, secrets, customer data, or private repositories should be sent to the external endpoint and billed per scan. The publisher should narrow the triggers and clearly disclose the external submission and payment step in the runtime instructions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 84%
Finding
Several triggers, including phrases like "audit code," "scan for bugs," and "security check," are generic enough to overlap with routine developer requests. In a system that dispatches skills by trigger matching, this ambiguity increases the chance of accidental activation, which can broaden access to sensitive source code or cause the wrong skill to act on user data.

Vague Triggers

Medium
Confidence: 84%
Finding
Several triggers, including phrases like "audit code," "scan for bugs," and "security check," are generic enough to overlap with routine developer requests. In a system that dispatches skills by trigger matching, this ambiguity increases the chance of accidental activation, which can broaden access to sensitive source code or cause the wrong skill to act on user data.

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger phrases are broad and map closely to common developer requests like 'code review' and 'security check', which increases the chance this skill is invoked unintentionally in situations where a user did not specifically request this exact workflow. Unintended invocation can cause the wrong agent behavior to run, leading to confusing outputs, mis-scoped analysis, or accidental use of execution-capable tooling in contexts that expected a different review path.

Vague Triggers

Medium
Confidence: 92%
Finding
The trigger phrases are very broad and overlap with common user requests such as 'code review' and 'security check', which can cause this paid external skill to activate in situations beyond a narrowly intended scope. That increases the chance of unintended routing of sensitive source code to a third-party endpoint, creating privacy, cost, and data exposure risk even if the service is not overtly malicious.

VirusTotal

65/65 vendors flagged this skill as clean.
