ClawHub

claude-session-warmer

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed scheduler for sending small Claude CLI prompts from the user's own logged-in VPS, with no evidence of hidden token theft or exfiltration.

Install only if you intentionally want unattended Claude CLI prompts from your own logged-in VPS. Review the cron block before adding it, keep enabled=false until ready, avoid copying tokens between machines, and verify current Claude/Anthropic terms because this consumes account quota and depends on subscription policy.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill advertises broad invocation cues around Claude usage windows, resets, maximizing plan use, and warm-up behavior, which can trigger the skill in ordinary conversations about account limits or subscription optimization. In context, that increases the chance an agent will steer users toward setting up automated authenticated CLI activity on a remote VPS without a narrowly scoped, high-friction confirmation step.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The setup guidance moves quickly into configuration and scheduling but does not prominently warn that this creates recurring automated prompts from an authenticated Claude CLI session on an always-on remote box. That omission can cause users to authorize persistent account activity without fully appreciating the operational, billing/quota, and policy implications of running automation against their own logged-in subscription.

VirusTotal

54/54 vendors flagged this skill as clean.

View on VirusTotal