ClawHub

Code Reviewer

Security checks across malware telemetry and agentic risk

Overview

This code-review skill is on-purpose, but it can approve or block pull requests and send PR details to Slack without enough scoping or safety guidance.

Review carefully before installing. Keep auto-approval disabled unless it is limited to clearly low-risk changes, use least-privilege bot permissions, install only on selected repos, preserve human review for protected branches and security-sensitive files, and treat Slack notifications as external sharing of repository metadata.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill explicitly advertises automatic PR approval and merge-blocking, which can materially change repository workflow and governance, but it does not prominently warn users about the operational risk of granting an automation authority to approve or block changes. In a code-review context this is expected functionality, yet without a clear warning and requirement for human oversight, teams may deploy it in sensitive repos and unintentionally weaken review controls or disrupt delivery.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The Slack notification example sends PR title, summary, and URL to an external messaging platform, but the skill does not warn that this may expose repository metadata outside the source-control system. In enterprise or private-repo settings, even PR metadata can be sensitive and may leak internal project details to broader audiences or third-party services.

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
---
name: code-reviewer
description: "Automated code review, quality gates, and PR analysis. Integrates with GitHub, GitLab, Bitbucket. Enforce style guides, detect bugs, security vulnerabilities, performance issues. Auto-approve safe PRs, flag dangerous changes. Save developers 5+ hours/week on manual reviews."
homepage: https://clawhub.com/skills/code-reviewer
metadata:
  openclaw:
Confidence
88% confidence
Finding
Auto-approve

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
- "Enforce our coding standards"
- "Detect security vulnerabilities in PRs"
- "Block performance anti-patterns"
- "Auto-approve trivial changes"
- "Generate review comments on PRs"
- "Ensure no secrets or credentials committed"
Confidence
86% confidence
Finding
Auto-approve

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
on_pr_update:
    - "review"  # Re-review

  auto_approve:
    when:
      - "all_checks_pass == true"
      - "author in [maintainer_team]"
Confidence
95% confidence
Finding
auto_approve

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal