ClawHub Web Only Publish

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill helps publish ClawHub skills through an existing browser session, with the main risk being that users must deliberately confirm what they are publishing.

Install this only if you want an agent to help publish skills to ClawHub. Before using it, confirm the visible ClawHub account, selected skill folder, slug, display name, version, and changelog, and make sure the pre-publish secret scan has not found credentials. Avoid the CLI fallback unless you intentionally want to publish with an already-authenticated CLI token.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The self-use trigger is broad enough to activate on ordinary publishing tasks whenever a browser session exists or CLI login is inconvenient. That can cause the agent to initiate external publication actions with insufficient user confirmation, increasing the risk of unintended release of code or metadata to a public platform.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal