clawhub-deployer — Skill Publishing Assistant

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent ClawHub publishing helper, but it gives an agent enough authority to modify a repo and publish files externally without a clear final review-and-confirmation gate.

Install only if you want an agent to help publish skills to ClawHub. Before using it, manually confirm the exact folder, files, slug, version, owner, and publish destination, and remove secrets or private notes from the folder before any login or publish command runs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger phrase "publish skill" is broad enough to match generic publishing requests that may not be intended for ClawHub, increasing the chance this skill activates in the wrong context. Because the skill performs packaging and remote publication steps, an accidental trigger could cause unintended repository changes or an unwanted publish workflow to begin.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The workflow instructs the agent to create a publish directory and modify `.gitignore` without explicitly requiring user consent or warning that repository files will be changed. In a source repository, these side effects can alter tracked content, conceal generated artifacts, or surprise the user with persistent changes unrelated to the core publish action.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal