Laravel Forge

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Laravel Forge admin skill, but it gives an agent broad control over servers, deployments, credentials, and remote commands without built-in safety checks.

Install only if you intend to let an agent administer Laravel Forge infrastructure. Use the least-privileged Forge token available, set an explicit organization, protect the credentials file, and manually confirm production-impacting actions such as deleting servers or sites, running commands, changing deployment scripts or environment files, restoring backups, changing roles, or creating jobs/background processes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium (93% confidence)
Finding
The documentation advertises many destructive and privileged operations (server creation, deletion, firewall changes, credential management, deployment script changes, command execution, backup restores, and service control) without any explicit warning, approval requirement, or caution about production impact. In an agentic context, this omission makes accidental destructive use materially more likely because the skill normalizes dangerous operations as routine examples.

Missing User Warnings

Medium (91% confidence)
Finding
The setup instructions tell users to place long-lived API credentials in environment variables or a local JSON file but do not warn about secret exposure risks such as shell history, process inspection, accidental commits, weak file permissions, or shared-machine access. This increases the likelihood of credential leakage for a token that can administer Forge-managed infrastructure.

Missing User Warnings

Medium (97% confidence)
Finding
This CLI exposes many destructive operations such as deleting servers, sites, backups, keys, users, firewall rules, and certificates without any confirmation prompt, dry-run mode, or explicit force flag. In an agent context, where actions may be triggered from natural-language requests or chained workflows, this sharply increases the risk of accidental or manipulated destructive changes to production infrastructure.

VirusTotal

64/64 vendors flagged this skill as clean.
