Workspace Organization - Automated Health Checks

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a normal workspace cleanup and audit helper, with local filesystem visibility that users should understand before enabling optional logging or scheduled runs.

Install only if you are comfortable with the skill inspecting your workspace metadata such as file paths, directory sizes, and recent changes. Avoid enabling scheduled audit logs unless the log location is private and you are comfortable retaining that metadata.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium (91% confidence)
Finding
The README advertises very broad agent-trigger phrases such as 'Check workspace health' and 'What's taking up disk space?', which can overlap with ordinary user requests and cause the skill to be invoked in contexts the user may not have intended. Because this skill performs filesystem inspection across the workspace and surfaces file paths, recent changes, and storage details, ambiguous invocation increases the risk of unintended disclosure of local metadata and overbroad execution.

Vague Triggers

Medium (84% confidence)
Finding
The trigger phrases are very broad and likely to match ordinary requests such as 'check workspace health' or 'audit my workspace,' causing the agent to execute local scripts with minimal user specificity. In an agent ecosystem, ambiguous invocation increases the chance of unintended script execution against sensitive workspace contents, especially when the script enumerates files, paths, and recent activity.

Missing User Warnings

Medium (93% confidence)
Finding
The recommended cron task logs audit results that can include sensitive absolute file paths, filenames, directory names, and recent modification metadata. Persisting this information to notes or other plaintext logs can expose workspace structure, project names, and activity history to other skills, users, backups, or sync targets that can read those files.

VirusTotal

66/66 vendors flagged this skill as clean.
