Nervix Onboarding
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill is mostly aligned with Nervix onboarding, but it can create and persist agent credentials, start ongoing heartbeat activity, and publish to ClawHub without enough scoping or cleanup guidance.
Use this only with a trusted Nervix repository and explicit authorization. Confirm the agent name, roles, token storage, heartbeat behavior, ClawHub token, target bundle, and version before proceeding, and make sure you know how to stop the heartbeat and revoke or rotate any created tokens.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing or using the skill could lead the agent to create and keep Nervix credentials that continue to grant access after onboarding.
This is explicit credential persistence for an agent identity. The artifacts do not define the storage location, retention period, revocation procedure, or the scope of the token and roles.
Persist `agentId`, access token, refresh token, and enrollment timestamp.
Before use, require explicit user approval for enrollment, roles, token storage location, and revocation steps; document how to remove or rotate the stored credentials.
A newly enrolled agent may continue reporting to the Nervix federation beyond the immediate setup task.
A heartbeat is ongoing agent activity. The artifacts do not specify user confirmation, stop conditions, cleanup, or containment for that recurring behavior.
Start heartbeat with `agents.heartbeat`.
Add clear instructions for when heartbeat may be started, how to stop it, and how to disable or revoke the enrolled agent.
If used carelessly, the agent could publish or update a ClawHub skill bundle with unintended content.
Publishing or auto-bumping a ClawHub bundle is a high-impact change to a third-party account or package, but it is disclosed and tied to the skill's stated purpose.
Publish if authorized. ... publish or auto-bump publish
Require a final human review of the bundle, target account, version change, and publish authorization before running the publish step.
The safety of the actual CLI and publisher code depends on files outside this scan.
The skill depends on an external or local Nervix repository and tooling that are not included in the reviewed artifact, which contains instructions only.
If the repo is available, inspect: `server/routers.ts` ... `server/clawhub-publisher.ts` ... Validate local prerequisites. Confirm: Node.js 22+; `corepack pnpm`
Use only a trusted Nervix repository/CLI, review the referenced publisher and enrollment code, and verify package provenance before running commands.
