clawtributor
Security checks across malware telemetry and agentic risk
Overview
This instruction-only reporting skill appears coherent and opt-in, but users should sanitize incident evidence before saving or manually submitting it.
Before installing, confirm you trust the ClawHub package or verify the signed standalone release. When using the skill, keep draft reports private, treat captured prompts/code as untrusted evidence, and manually submit only sanitized content after reviewing the exact payload.
VirusTotal
58/58 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user should install only from the intended registry or a verified release, so that a different package cannot be substituted for the intended one.
The documented install path relies on an external registry/package command. This is expected for a registry-distributed skill, and the artifacts also provide signed release verification guidance for standalone installs.
Recommended install path: ClawHub registry (`npx clawhub@latest install clawtributor`)
Use the documented ClawHub install path, and for standalone installs follow the signed manifest/checksum verification steps before trusting extracted files.
Draft reports could contain malicious prompt text, private context, or sensitive indicators if not sanitized before reuse or sharing.
The report format intentionally captures observed prompt or code payloads, which may be untrusted or sensitive. The artifact mitigates this by explicitly requiring sanitization.
"payload": "The observed prompt/code/behavior (sanitized)"
Treat report payloads as evidence, not instructions; remove secrets, personal data, and unrelated conversation content before saving or submitting.
Submitted report content may become visible to maintainers and possibly in GitHub issue workflows.
The submission flow sends report content off-host to GitHub/maintainers, but it is disclosed as manual and approval-gated.
After approval, open the browser form: - https://github.com/prompt-security/clawsec/issues/new?template=security_incident_report.md ... Paste the report content and submit.
Review the exact report, verify the destination URL, and submit only sanitized, minimal evidence after explicit user approval.
