LSP Python

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Python code-checking skill, with the main caution that optional auto-fix commands can rewrite Python files you point it at.

Install this only in a trusted Python environment. Run checks on intended project files, keep your project under version control, and review diffs after using --auto-fix, autoflake --in-place, or black on a directory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium (85% confidence)
Finding
The script advertises code checking/LSP-style diagnostics but also performs in-place source modification and writes report files, expanding its capability beyond read-only analysis. In an agent skill context, this mismatch is security-relevant because users or orchestrators may grant it broader trust than they intended, leading to unauthorized workspace changes.

Context-Inappropriate Capability

Medium (82% confidence)
Finding
Invoking external formatters as subprocesses gives the skill write-capable execution paths that are not clearly justified by the stated diagnostic/LSP purpose. In agent environments, undeclared external tool execution increases attack surface and can cause unexpected code changes or dependency-based abuse if those binaries are replaced or misconfigured.

Missing User Warnings

Medium (89% confidence)
Finding
The skill advertises auto-fix and formatting flows that modify files in place, but the warning about destructive or state-changing behavior is inconsistent and easy to miss. In practice, users may invoke bulk commands against a project tree believing they are performing diagnostics only, causing unintended source changes, formatting churn, or loss of local edits.

VirusTotal

66/66 vendors flagged this skill as clean.
