Security audit

Code Audit Pro

Security checks across malware telemetry and agentic risk

Overview

This is a code-review instruction skill that may read project files and diffs when asked, but its behavior is disclosed and aligned with its purpose.

Install only if you want an agent to inspect code files and repository diffs for review. When using it, specify the exact files or changes you want reviewed and avoid invoking it in repositories whose diffs contain secrets or unreleased sensitive code.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium (94% confidence)
Finding
The trigger phrases for full review are broad natural-language requests like reviewing code or a file, which can overlap with ordinary user intent and cause the skill to activate unexpectedly. In a skill that reads files and performs security review, over-broad activation increases the chance of unintended access to user code or repository contents without sufficiently explicit consent.

Vague Triggers

Medium (92% confidence)
Finding
The PR review triggers are similarly ambiguous, using generic requests like checking a PR or reviewing changes, which may match common conversation patterns. Because this mode can initiate repository inspection and diff analysis, ambiguous triggering can lead to unintended scanning of local changes beyond what the user knowingly requested.

Missing User Warnings

Medium (97% confidence)
Finding
The skill states it will automatically run git diff when the user is in a working directory, but it does not warn the user that repository changes will be read and analyzed. This creates a transparency and consent problem: diffs often contain secrets, internal code, or unreleased changes, so automatic collection can expose sensitive data unexpectedly.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.