ClawHub

GitHub Iteration Workflow

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed GitHub automation workflow, but it gives an agent broad authority to push code, create PRs, auto-fix CI failures, merge, and potentially use admin merge without clear confirmation gates.

Install only if you want an agent to run a broad GitHub maintainer workflow with write access. Before use, specify the repository, exact issue numbers, target branch, and require confirmation before any push, PR creation, CI-driven code change, merge, admin merge, or deployment-related step.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill description is broad enough to match many ordinary GitHub-related requests, which increases the chance of accidental invocation in contexts the user did not intend. Because this skill performs repository-affecting actions such as issue handling, branching, pushing, PR creation, and merge/deploy steps, mis-triggering can lead to unauthorized or premature workflow execution.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill instructs the agent to push branches, create PRs, repeatedly modify code to satisfy CI, merge PRs, and potentially use admin merge, all without requiring explicit user approval at each high-impact boundary. In an automated agent context, this creates a real risk of unintended code changes reaching protected branches or production-like environments, especially since issue content is treated as input and may itself be untrusted or incomplete.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal