ClawHub
Back to skill

Security audit

Dev Toolkit Pro

Security checks across malware telemetry and agentic risk

Overview

This is a development-helper skill whose file-changing commands are expected for its purpose, with no evidence of hidden execution, exfiltration, or persistence.

Install only if you want an agent to help run developer workflow commands that may change your workspace or git history. Before using formatting, refactor --apply, scaffold, git squash/commit/PR, Docker build, or deployment-related commands, work from version control, review the diff, and confirm the intended target files or branch.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Low
Confidence
89% confidence
Finding
The skill documents scaffold/build/deploy-style capabilities and references output files and generated project structures, but it does not clearly and prominently warn that these operations may create or modify files in the workspace. In an agent setting, ambiguous write behavior can lead to unintended filesystem changes, especially if a user expects analysis-only assistance.

Missing User Warnings

Low
Confidence
95% confidence
Finding
The formatting section states that `dev-tk fmt` performs full formatting and auto-detects project types, implying in-place rewriting of source files without a clear warning. In automated agent workflows, silent formatting can alter many files unexpectedly, causing unintended code churn or overwriting user work.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The refactor section includes `dev-tk refactor --apply=RF-001`, which suggests automatic code modification, but it does not clearly warn that source files may be changed. Auto-applying refactors is more dangerous than reporting suggestions because it can introduce broad, hard-to-review code changes or break behavior if triggered by an agent without explicit user consent.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.