ClawHub

Standalone Setup

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed VPS setup helper for Mobazha; it is powerful because it uses SSH and a remote sudo installer, but that matches its stated purpose.

Install only if you are comfortable letting an agent administer the specified VPS and you trust Mobazha's installer. Review the remote script before running it, confirm the exact server and domain, avoid sharing reusable SSH credentials, and inspect or disable the hourly auto-update timer if you need manual change control.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (17)

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The document repeatedly instructs users to pipe a remotely fetched script directly into a root shell, but provides no warning about executing unreviewed code with full system privileges. In a setup/install skill, this context makes the pattern more dangerous because users are likely to copy-paste the command verbatim on production VPS hosts, turning any compromise of the download endpoint or installer into immediate root-level code execution.

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
# Standalone Installer Flags Reference

Source: `curl -sSL https://get.mobazha.org/standalone | sudo bash [options]`

## Available Flags
Confidence
89% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
curl -sSL https://get.mobazha.org/standalone | sudo bash

# With domain — HTTPS auto-TLS
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --domain shop.example.com

# Privacy mode
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --overlay tor
Confidence
90% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --domain shop.example.com

# Privacy mode
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --overlay tor

# Combined
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --domain shop.example.com --overlay tor --testnet
Confidence
90% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --overlay tor

# Combined
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --domain shop.example.com --overlay tor --testnet

# Custom install directory
INSTALL_DIR=/srv/mobazha curl -sSL https://get.mobazha.org/standalone | sudo bash
Confidence
90% confidence
Finding
sudo

External Script Fetching

High
Category
Supply Chain
Content
# Standalone Installer Flags Reference

Source: `curl -sSL https://get.mobazha.org/standalone | sudo bash [options]`

## Available Flags
Confidence
99% confidence
Finding
curl -sSL https://get.mobazha.org/standalone | sudo bash

External Script Fetching

High
Category
Supply Chain
Content
```bash
# Basic install — HTTP on IP
curl -sSL https://get.mobazha.org/standalone | sudo bash

# With domain — HTTPS auto-TLS
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --domain shop.example.com
Confidence
99% confidence
Finding
curl -sSL https://get.mobazha.org/standalone | sudo bash

External Script Fetching

High
Category
Supply Chain
Content
curl -sSL https://get.mobazha.org/standalone | sudo bash

# With domain — HTTPS auto-TLS
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --domain shop.example.com

# Privacy mode
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --overlay tor
Confidence
99% confidence
Finding
curl -sSL https://get.mobazha.org/standalone | sudo bash

External Script Fetching

High
Category
Supply Chain
Content
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --domain shop.example.com

# Privacy mode
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --overlay tor

# Combined
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --domain shop.example.com --overlay tor --testnet
Confidence
99% confidence
Finding
curl -sSL https://get.mobazha.org/standalone | sudo bash

External Script Fetching

High
Category
Supply Chain
Content
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --overlay tor

# Combined
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --domain shop.example.com --overlay tor --testnet

# Custom install directory
INSTALL_DIR=/srv/mobazha curl -sSL https://get.mobazha.org/standalone | sudo bash
Confidence
99% confidence
Finding
curl -sSL https://get.mobazha.org/standalone | sudo bash

External Script Fetching

High
Category
Supply Chain
Content
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --domain shop.example.com --overlay tor --testnet

# Custom install directory
INSTALL_DIR=/srv/mobazha curl -sSL https://get.mobazha.org/standalone | sudo bash
```

## Post-Install Locations
Confidence
99% confidence
Finding
curl -sSL https://get.mobazha.org/standalone | sudo bash

Chaining Abuse

High
Category
Tool Misuse
Content
# Standalone Installer Flags Reference

Source: `curl -sSL https://get.mobazha.org/standalone | sudo bash [options]`

## Available Flags
Confidence
98% confidence
Finding
| sudo

Chaining Abuse

High
Category
Tool Misuse
Content
```bash
# Basic install — HTTP on IP
curl -sSL https://get.mobazha.org/standalone | sudo bash

# With domain — HTTPS auto-TLS
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --domain shop.example.com
Confidence
98% confidence
Finding
| sudo

Chaining Abuse

High
Category
Tool Misuse
Content
curl -sSL https://get.mobazha.org/standalone | sudo bash

# With domain — HTTPS auto-TLS
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --domain shop.example.com

# Privacy mode
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --overlay tor
Confidence
98% confidence
Finding
| sudo

Chaining Abuse

High
Category
Tool Misuse
Content
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --domain shop.example.com

# Privacy mode
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --overlay tor

# Combined
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --domain shop.example.com --overlay tor --testnet
Confidence
98% confidence
Finding
| sudo

Chaining Abuse

High
Category
Tool Misuse
Content
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --overlay tor

# Combined
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --domain shop.example.com --overlay tor --testnet

# Custom install directory
INSTALL_DIR=/srv/mobazha curl -sSL https://get.mobazha.org/standalone | sudo bash
Confidence
98% confidence
Finding
| sudo

Chaining Abuse

High
Category
Tool Misuse
Content
curl -sSL https://get.mobazha.org/standalone | sudo bash -s -- --domain shop.example.com --overlay tor --testnet

# Custom install directory
INSTALL_DIR=/srv/mobazha curl -sSL https://get.mobazha.org/standalone | sudo bash
```

## Post-Install Locations
Confidence
98% confidence
Finding
| sudo

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal