ClawHub
Back to skill

Security audit

WheelSpotter

Security checks across malware telemetry and agentic risk

Overview

WheelSpotter is a disclosed package-discovery helper that searches public software registries and does not show hidden, destructive, or purpose-mismatched behavior.

Before installing, expect this skill to send search terms or summarized requirements to public package and code registries. Use a low-scope GitHub token only if needed, avoid running searches on highly sensitive unreleased project details, and be aware that the broad triggers may warrant confirmation before network searches.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger phrases are broad everyday language such as "before implementing" and "find a tool that," which can match many normal development conversations unrelated to this skill. Overbroad activation increases unintended invocation, causing the agent to perform external searches, consume budget, and potentially send user requirements to third-party services without the user specifically asking for this skill.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The keyword activation guidance relies on vague single terms like "existing," "tool," and "solution," which are common in ordinary prompts and can cause accidental routing. In this skill, accidental routing is more significant because the documented behavior includes network-based searches and optional use of external platforms, so false activations can leak context and waste resources.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.