AI OS Blueprint

Security checks across malware telemetry and agentic risk

Overview

This is a planning guide for AI workflows rather than executable code; the memory and integration behaviour it describes is disclosed up front and aligned with its stated purpose.

Safe to install as a guide. Before following its setup advice: issue least-privilege tokens for each integration, sandbox or narrow the Slack channels, repositories and databases the agent may touch, require explicit confirmation before any external write, and keep secrets, regulated data and confidential business context out of memory files and public repositories.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The skill explicitly instructs users to configure the agent to post to Slack, write to Notion, and create GitHub issues, but it does not consistently frame these as potentially sensitive write operations requiring explicit consent, scope restriction, and review. In an agentic setup, normalizing autonomous writes to external systems increases the risk of accidental data disclosure, spam, or unintended state changes across integrated tools.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
This section promotes automatic Slack posting, Notion writes, GitHub issue creation, and automated loops as success criteria, but lacks an upfront warning about unintended outbound actions or privacy consequences. Because the skill is operational guidance for real integrations, readers may implement automation without adequate approval gates, causing unauthorized notifications, data leakage, or noisy system changes.
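Both findings come down to the same gap: the guide tells the agent to post to Slack, write to Notion and open GitHub issues without an approval gate or a scope restriction in front of those writes. The following is an added example (not code from the skill or from the scanner) of the gate the Overview recommends: external-write tool calls must hit an allowlisted target, must not carry anything that looks like a credential, and must be approved by a human for that exact call before they run. Tool names such as slack.post, the argument keys, the channel and repository names and the token-shaped strings in the demo are all constructed for illustration.

```python
"""Approval gate for agent tool calls that write to external systems.

Added example, not part of the skill or the scanner report. Assumes the agent
surfaces tool calls as dicts like {"tool": "slack.post", "args": {...}}; tool
names, argument keys and allowlists below are illustrative.
"""
from dataclasses import dataclass, field
from typing import Optional
import hashlib
import json
import re

# Tools that change state outside the sandbox, mapped to the argument that
# names the target. Anything here needs scope + approval before it runs.
EXTERNAL_WRITE_TOOLS = {
    "slack.post": "channel",
    "notion.write": "database_id",
    "github.create_issue": "repo",
}

# Credential shapes that must never leave in a write payload (illustrative set).
SECRET_PATTERNS = [
    re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36}\b"),        # GitHub tokens
    re.compile(r"\bxox[baprs]-[A-Za-z0-9-]{10,}\b"),      # Slack tokens
    re.compile(r"\bAKIA[0-9A-Z]{16}\b"),                   # AWS access key id
    re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),     # PEM private keys
]


def request_id(call: dict) -> str:
    """Digest of the exact call, so an approval binds to one action only."""
    canonical = json.dumps(call, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()[:16]


@dataclass
class Decision:
    allowed: bool
    reason: str
    request_id: Optional[str] = None  # set when a human approval is still needed


@dataclass
class WriteGate:
    scopes: dict                                   # tool -> set of allowed targets
    _approved: set = field(default_factory=set)    # single-use approvals by request id

    def approve(self, rid: str) -> None:
        """Called by the human reviewer after inspecting the pending call."""
        self._approved.add(rid)

    def check(self, call: dict) -> Decision:
        tool = call.get("tool")
        args = call.get("args", {})
        if tool not in EXTERNAL_WRITE_TOOLS:
            return Decision(True, f"{tool}: not an external write")
        # 1. Scope: the target must be on the allowlist for this tool.
        target = args.get(EXTERNAL_WRITE_TOOLS[tool])
        if target not in self.scopes.get(tool, set()):
            return Decision(False, f"{tool}: target {target!r} is outside the allowed scope")
        # 2. Content: refuse payloads that carry credential-shaped strings.
        payload = json.dumps(args)
        for pat in SECRET_PATTERNS:
            if pat.search(payload):
                return Decision(False, f"{tool}: payload matches secret pattern {pat.pattern}")
        # 3. Consent: the exact call must have been approved, and only once.
        rid = request_id(call)
        if rid not in self._approved:
            return Decision(False, f"{tool}: awaiting human approval of request {rid}", rid)
        self._approved.discard(rid)
        return Decision(True, f"{tool}: approved write to {target!r}")


def run_demo() -> list:
    """Constructed calls exercising each gate; returns (label, allowed) pairs."""
    gate = WriteGate(scopes={
        "slack.post": {"#ai-agent-sandbox"},
        "github.create_issue": {"example-org/agent-sandbox"},
        "notion.write": set(),  # Notion writes not enabled at all
    })
    results = []
    post = {"tool": "slack.post",
            "args": {"channel": "#ai-agent-sandbox", "text": "Daily summary ready."}}
    first = gate.check(post)
    results.append(("sandbox post before approval", first.allowed))
    gate.approve(first.request_id)
    results.append(("sandbox post after approval", gate.check(post).allowed))
    results.append(("replay of approved post", gate.check(post).allowed))
    results.append(("post to #general", gate.check(
        {"tool": "slack.post", "args": {"channel": "#general", "text": "hi"}}).allowed))
    leaky = {"tool": "github.create_issue",
             "args": {"repo": "example-org/agent-sandbox", "title": "Config",
                      "body": "token=ghp_" + "A" * 36}}   # constructed token shape
    results.append(("issue body with token", gate.check(leaky).allowed))
    results.append(("notion write with no scope", gate.check(
        {"tool": "notion.write", "args": {"database_id": "db1"}}).allowed))
    results.append(("local file read", gate.check(
        {"tool": "fs.read", "args": {"path": "notes.md"}}).allowed))
    return results


if __name__ == "__main__":
    for label, allowed in run_demo():
        print(f"{'ALLOW' if allowed else 'DENY ':5} {label}")
```

Two design choices matter here. The approval is keyed to a digest of the whole call, so a reviewer approves one message to one channel, not a blanket "the agent may post to Slack", and the approval is consumed on use so a looping workflow cannot replay it. The scope and secret checks run before the approval prompt, so a human is never asked to sign off on a write the policy already forbids.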

VirusTotal

0 of 64 vendors flagged this skill; all 64 reported it as clean. Note that this is a malware scan of the skill's files: it says nothing about prompt-injection or excessive-agency risk, which is what the SkillSpector findings above cover.
