Dependency Audit

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only dependency audit skill whose shell commands and update suggestions fit its stated purpose, though users should review any install or fix commands before running them.

Installing it is reasonable for dependency review. Run it from a clean working tree, review generated commands before executing them, avoid sudo, pin or vet helper tools where possible, and be careful with private registries, because audit commands may send dependency metadata to external services.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Medium, 95% confidence

Finding
The skill expands from passive auditing into active environment and dependency modification by instructing installation of tooling and preparatory commands. In an agent context, this is risky because package/tool installation changes the host environment, may pull unreviewed code from registries, and violates the user's likely expectation of a read-only audit workflow.

Description-Behavior Mismatch

Medium, 97% confidence

Finding
The skill includes direct update/remediation commands such as package upgrades and audit fixes, which can modify dependency graphs, lockfiles, and runtime behavior. In a security-audit skill, auto-suggesting actionable mutating commands without a strict confirmation boundary can cause unintended changes, break builds, or introduce supply-chain risk if executed blindly by an agent.

Missing User Warnings

Medium, 92% confidence

Finding
The skill does not clearly disclose that some recommended commands may install tools or alter project dependencies, which creates a consent and safety problem. In context, users invoking a 'health check' or 'audit' may reasonably expect read-only analysis, so under-warning materially increases the risk of unintended system or repository changes.

VirusTotal

66/66 vendors flagged this skill as clean.