Smart Coding Assistant

Security checks across malware telemetry and agentic risk

Overview

This is a coherent coding-assistant skill whose main risk is its expected use of third-party model APIs for user-provided coding tasks.

Install only if you are comfortable sending prompts and pasted code to the configured model providers. Avoid secrets, regulated data, proprietary code, and confidential logs unless your organization approves those providers; use limited API keys with spending controls and pin any pip dependencies before production use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding: The README instructs users to configure third-party model API keys and use hosted coding models, but it does not clearly warn that source code, prompts, and possibly sensitive project context may be transmitted to external providers. In a coding-assistant skill, this omission is security-relevant because users may paste proprietary code, secrets, or regulated data into prompts without understanding the data-exposure risk.

Missing User Warnings

Severity: Medium
Confidence: 98%
Finding: The skill is designed to automatically route tasks across multiple external models, yet it does not warn users that their prompts, code, and possibly embedded secrets may be sent to third-party model providers. In a coding-assistant context, submitted content often contains proprietary source code, credentials, internal URLs, or security-relevant details, so undisclosed transmission materially increases confidentiality and compliance risk.

Missing User Warnings

Severity: Low
Confidence: 92%
Finding: The documentation tells users to place API keys in environment variables but gives no guidance on secure secret handling, storage, redaction, or avoiding accidental exposure in shells, logs, screenshots, or committed config files. For a development-oriented skill, this omission raises the risk that users mishandle long-lived credentials and expose access to paid model APIs or related account resources.

Vague Triggers

Severity: Medium
Confidence: 91%
Finding: The code-generation trigger list contains very broad terms such as 'create', 'build', 'function', and 'class' that are common in ordinary technical conversation. In a model-routing skill, this can cause unintended invocation or misclassification, sending user content to a generation workflow when the user only meant to ask a question or discuss code conceptually.

Vague Triggers

Severity: Medium
Confidence: 89%
Finding: The code-review triggers include generic words like '问题', '改进', 'quality', and 'smell', which can appear in normal discussion without indicating a review request. This creates an over-broad routing surface that may incorrectly invoke review behavior, causing unintended processing and unreliable skill selection.

Vague Triggers

Severity: Medium
Confidence: 88%
Finding: The bug-debugging trigger list uses broad words such as 'issue', 'problem', 'error', and 'fix', which frequently occur in generic troubleshooting or even non-debug contexts. That makes the routing logic prone to false activation, potentially steering user requests into debugging workflows without clear user intent.

Vague Triggers

Severity: High
Confidence: 96%
Finding: The technical Q&A trigger set is extremely broad, including phrases like 'how', 'what is', '为什么', and '技术', which are common in ordinary conversation and can match a vast range of unrelated requests. In this skill, that broadness is especially risky because it can capture many inputs by default, overriding more precise task routing and leading to unintended invocation at scale.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding: User task content is sent to external model APIs, but the CLI does not provide a clear disclosure or consent step before transmitting potentially sensitive code, logs, or proprietary text. In a coding-assistant context, users commonly paste confidential source code and credential-containing snippets, so silent third-party transmission creates a real data exposure risk.

VirusTotal

56/56 vendors reported this skill as clean.