Dark-Factory-Agent

Security checks across malware telemetry and agentic risk

Overview

This skill looks like a local mock testing/reporting tool, but it presents simulated pass/fail results as genuine test evidence and an unkeyed SHA-256 digest as a verified cryptographic signature.

Install only if you treat this as a mock or demonstration harness. Do not rely on its pass rates, security evidence, or signature fields for release, compliance, or production security decisions, and do not grant wallet access unless a future version clearly explains why it is needed and how it is scoped.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Intent-Code Divergence

Severity: Medium
Confidence: 96%
Finding
This is a real integrity issue: the script presents itself as a behavioral test engine, but `_mock_execute()` fabricates pass/fail outcomes and match scores using randomness rather than evaluating scenario behavior. In a security or quality-assurance pipeline, this can mislead operators into trusting unvalidated agent behavior, masking regressions or unsafe behavior and producing false evidence of compliance.

Intent-Code Divergence

Severity: Medium
Confidence: 94%
Finding
The code and docstrings present the report as 'signed' and cryptographically authenticated, but `_sign_report` only computes a SHA-256 digest over the JSON content. A digest with no secret or private key detects only accidental corruption: anyone who can edit the report can recompute the digest, so it provides neither authenticity nor non-repudiation, and downstream systems that treat it as a real signature may trust forged reports.
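To make the distinction concrete, the following is an added example written for this page, not the skill's own `_sign_report`. It reconstructs the flawed scheme as a plain SHA-256 over canonical JSON, shows that an attacker with no secret can alter the report and recompute a "signature" that verifies, and contrasts it with a keyed HMAC-SHA256 tag that the same forgery fails. The report fields and the canonical encoding are assumptions for illustration. HMAC gives authenticity only between parties that share the key; release or compliance evidence that must be non-repudiable needs an asymmetric signature (for example Ed25519), which is omitted here to keep the example standard-library only.

```python
import hashlib
import hmac
import json
import secrets


def canonical(report):
    """Stable JSON encoding so the same report always maps to the same bytes."""
    return json.dumps(report, sort_keys=True, separators=(",", ":")).encode()


def digest_sign(report):
    """Hypothetical reconstruction of the flawed scheme: a bare SHA-256 over the JSON."""
    return hashlib.sha256(canonical(report)).hexdigest()


def digest_verify(report, tag):
    """Accepts any report whose digest matches, including one the attacker rebuilt."""
    return hmac.compare_digest(digest_sign(report), tag)


def hmac_sign(report, key):
    """Keyed alternative: HMAC-SHA256 under a secret the verifier shares with the signer."""
    return hmac.new(key, canonical(report), hashlib.sha256).hexdigest()


def hmac_verify(report, tag, key):
    return hmac.compare_digest(hmac_sign(report, key), tag)


def forge(report):
    """What an attacker without any secret can do: flip the verdict and recompute the digest."""
    forged = dict(report, tests_passed=report["tests_total"], status="PASS")
    return forged, digest_sign(forged)


# Constructed sample report (assumed shape, not the skill's real output).
REPORT = {
    "skill": "dark-factory-agent",
    "tests_total": 12,
    "tests_passed": 7,
    "status": "FAIL",
}


def demo():
    """Returns (digest_scheme_accepts_forgery, hmac_scheme_accepts_forgery)."""
    key = secrets.token_bytes(32)
    forged, forged_tag = forge(REPORT)

    # Digest only: the forgery verifies, because anyone can recompute SHA-256.
    digest_accepts_forgery = digest_verify(forged, forged_tag)

    # HMAC: neither the honest tag nor the attacker's digest validates the forged report.
    honest_tag = hmac_sign(REPORT, key)
    hmac_accepts_forgery = hmac_verify(forged, honest_tag, key) or hmac_verify(
        forged, forged_tag, key
    )
    return digest_accepts_forgery, hmac_accepts_forgery


if __name__ == "__main__":
    print("digest scheme accepts forgery:", demo()[0])
    print("HMAC scheme accepts forgery:  ", demo()[1])
```

A consumer of these reports should treat a bare digest field the way it treats no signature at all; the useful check is whether a verifier needs material the report producer alone controls (a shared key or a private key) to accept the report.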

Intent-Code Divergence

Severity: High
Confidence: 97%
Finding
The unit and integration testing functions do not execute real tests against generated code; they fabricate pass/fail outcomes using randomness while reporting them as genuine test results. In an orchestration system that produces outcome reports and security evidence, this can falsely attest software quality and safety, allowing untested or unsafe code to be promoted based on misleading evidence.

Intent-Code Divergence

Severity: High
Confidence: 95%
Finding
The top-level workflow claims to validate specifications, execute tests, generate code, and produce a signed outcome report, but major stages are placeholders or simulations. In this skill context, the orchestrator appears to be an assurance pipeline, so misrepresenting simulated actions as real verification increases the risk that operators will rely on false confidence when accepting generated code or compliance evidence.
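The three findings above share one pattern: functions named as if they execute or test something, whose bodies draw outcomes from the random module and never invoke a test runner or subprocess. The following is an added example of a static check for that pattern, written for this page rather than taken from SkillSpector or the skill. It walks a Python module's AST, picks out functions whose names suggest test or execution results, and flags those that call `random` (under any import alias) without any call to a test or process-execution module. The sample source it scans is constructed to resemble the described code; it is not the skill's actual source, and the function names in it are hypothetical.

```python
import ast

# Constructed sample in the style the findings describe. This is a hypothetical
# reconstruction for illustration, not the skill's real source.
SAMPLE_SOURCE = '''
import random
import subprocess
from random import randint as pick

def _mock_execute(scenario):
    passed = random.random() > 0.1
    return {"scenario": scenario, "passed": passed, "score": random.uniform(0.7, 1.0)}

def run_unit_tests(path):
    return {"total": 12, "passed": pick(10, 12)}

def run_integration_tests(path):
    result = subprocess.run(["pytest", path], capture_output=True)
    return {"passed": result.returncode == 0}
'''

# Name fragments that signal a function is claiming to produce a verdict.
RESULT_WORDS = ("test", "execute", "run", "verify", "validate")
# Modules whose presence indicates real execution or test invocation.
EVIDENCE_MODULES = {"subprocess", "pytest", "unittest", "importlib"}


def _random_aliases(tree):
    """Names under which the random module or its functions are reachable in this file."""
    names = {"random"}
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for alias in node.names:
                if alias.name == "random":
                    names.add(alias.asname or alias.name)
        elif isinstance(node, ast.ImportFrom) and node.module == "random":
            for alias in node.names:
                names.add(alias.asname or alias.name)
    return names


def _call_roots(node):
    """Yield the leftmost name of every call inside node: 'random' for random.randint(), 'pick' for pick()."""
    for child in ast.walk(node):
        if isinstance(child, ast.Call):
            func = child.func
            while isinstance(func, ast.Attribute):
                func = func.value
            if isinstance(func, ast.Name):
                yield func.id


def find_fabricated_results(source):
    """Return names of result-producing functions that use randomness and no execution evidence."""
    tree = ast.parse(source)
    random_names = _random_aliases(tree)
    flagged = []
    for node in ast.walk(tree):
        if not isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
            continue
        if not any(word in node.name.lower() for word in RESULT_WORDS):
            continue
        roots = set(_call_roots(node))
        uses_random = bool(roots & random_names)
        has_evidence = bool(roots & EVIDENCE_MODULES)
        if uses_random and not has_evidence:
            flagged.append(node.name)
    return flagged


if __name__ == "__main__":
    for name in find_fabricated_results(SAMPLE_SOURCE):
        print(f"fabricated-result candidate: {name}")
```

This is a heuristic, so a hit is a prompt to read the function, not a verdict: a real fuzzer legitimately mixes randomness with execution, and the evidence-module set should be extended with whatever runner the project actually uses. Run against a skill before trusting its pass rates, it would have surfaced `_mock_execute()` and the unit-test stub described above.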

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding
The skill explicitly advertises autonomous code generation, testing, and execution without any user-facing warning about potentially system-impacting actions. In an agent setting, this can lead operators to invoke the skill without understanding that it may create, run, and modify artifacts, increasing the risk of unintended execution or environmental changes.

Missing User Warnings

Severity: Low
Confidence: 84%
Finding
The workflow documents creation of an output report file but does not warn users that running the orchestrator will write files to disk. While lower severity than code execution, undisclosed file creation/modification can still surprise users, interfere with existing artifacts, or be unsafe in sensitive environments.

VirusTotal

67/67 vendors flagged this skill as clean. A clean antivirus verdict only means no engine matched known malware; it says nothing about the fabricated test results or the unkeyed digest described in the findings above.
