Semgrep

Security checks across malware telemetry and agentic risk

Overview

This Semgrep integration is mostly coherent, but it exposes powerful write and raw API capabilities without enough guardrails for destructive or sensitive operations.

Install only if you trust the publisher and intend to let the agent manage your Semgrep environment through Membrane. Before running it, require explicit confirmation for delete, update, bulk triage, tag changes, managed-scan changes, or raw proxy requests, and prefer read-only built-in actions unless a broader API request is necessary.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 87%

Finding: The skill explicitly enables arbitrary proxied requests to the Semgrep API with custom methods, headers, query parameters, and bodies, but provides no guardrails about sensitive data handling or when such access should require user confirmation. In this context, an agent could retrieve or transmit repository metadata, findings, secrets, or organizational configuration more broadly than necessary, increasing the risk of unintended data exposure or overbroad API use.

Missing User Warnings

Severity: Medium
Confidence: 91%

Finding: The skill advertises multiple destructive or state-changing operations such as deleting projects, bulk triage, updating policy, modifying tags, and toggling managed scans without any caution that these actions can alter security posture or operational state. In an agentic setting, presenting these actions without confirmation requirements or risk notes makes accidental or unauthorized changes more likely.

VirusTotal

65/65 vendors flagged this skill as clean.