Release Discipline

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill adds release checks and a disclosed local release log, with no hidden code or install-time behavior.

Install this if you want the agent to challenge or block releases until its checklist passes. Expect it to read release-related project context and possibly write memory/release-log.md; avoid putting secrets, sensitive customer details, or private incident information into the release rationale or feedback summaries.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium severity, 86% confidence
Finding
The trigger set and activation language are broad enough that the skill may activate during ordinary discussion of releases, versioning, or deployment rather than only when the user explicitly asks to perform a release action. In an agent context, unintended activation can override user flow, inject blocking policy logic at the wrong time, and create denial-of-service-like friction around unrelated tasks.

Vague Triggers

Medium severity, 84% confidence
Finding
The phrase 'Intercept any release/publish/deploy action' is ambiguous and does not define whether this applies to planning, discussion, dry runs, CI configuration, or actual execution. That ambiguity increases the chance that an agent applies mandatory gates in the wrong context or blocks legitimate operations unexpectedly.

Missing User Warnings

Medium severity, 91% confidence
Finding
The skill directs the agent to write to `memory/release-log.md` after every release decision without warning the user that repository or workspace files will be modified. Silent state changes are risky because they can create unwanted commits, pollute project history, or write into sensitive paths in environments where file modification should be explicit and consented to.
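The two recurring patterns in these findings, trigger language that fires on discussion as well as execution and a file write with no user-facing warning, can be approximated with a small text lint. The Python below is an added example written for this page; it is not SkillSpector's scanner and not the skill's own code. The sample skill text, the "fixed" rewrite, and the word lists are constructed for illustration and the regexes are heuristics, so treat hits as prompts for review rather than verdicts.

```python
"""Heuristic lint of an agent skill's instruction text for two of the
patterns flagged above: trigger language broad enough to fire during
ordinary discussion, and file writes with no accompanying user warning.

Added example, not SkillSpector's scanner or the skill's own code. The
sample texts and word lists are constructed for illustration.
"""
import re

# Constructed sample resembling the flagged instructions (not the skill's text).
SAMPLE_SKILL = """\
# Release Discipline
Intercept any release/publish/deploy action and run the checklist.
Afterwards, append the rationale to memory/release-log.md.
"""

# Constructed rewrite that scopes the trigger to explicit requests and
# pairs the file write with a warning and a confirmation step.
SAMPLE_FIXED = """\
# Release Discipline
Run the checklist only when the user explicitly asks to execute a release, publish or deploy step.
Before updating memory/release-log.md, tell the user the file will be modified and ask for confirmation.
"""

# Quantifier words followed (within one clause) by a release-related noun,
# e.g. "any release/publish/deploy action". Heuristic word list, not exhaustive.
BROAD_TRIGGER_RE = re.compile(
    r"\b(any|all|every)\b[^.\n]{0,40}?\b(release|publish|deploy|version)\w*", re.I)
# Phrases that scope a trigger to an explicit user request or actual execution.
SCOPE_RE = re.compile(
    r"\b(only when|explicitly|when the user asks|before (running|executing))\b", re.I)
# A write-type verb followed (within one clause) by a path with a text-file extension.
FILE_WRITE_RE = re.compile(
    r"\b(writ|append|sav|updat|modif)\w*[^.\n]{0,60}?(\S+\.(md|json|ya?ml|txt))", re.I)
# Words indicating the user is told or asked before the write happens.
CONSENT_RE = re.compile(r"\b(ask|confirm|consent|warn|tell|inform|notify)\b", re.I)


def lint_skill(text):
    """Return (line_number, pattern, evidence) tuples for each suspicious line."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        trig = BROAD_TRIGGER_RE.search(line)
        # A broad quantifier is only a problem when nothing narrows it to execution.
        if trig and not SCOPE_RE.search(line):
            findings.append((lineno, "vague_trigger", trig.group(0)))
        write = FILE_WRITE_RE.search(line)
        # A file write is only silent when the same clause never mentions the user.
        if write and not CONSENT_RE.search(line):
            findings.append((lineno, "silent_file_write", write.group(2)))
    return findings


if __name__ == "__main__":
    for name, text in (("flagged", SAMPLE_SKILL), ("fixed", SAMPLE_FIXED)):
        print(name, lint_skill(text) or "no findings")
```

Run against the constructed flagged text, the linter reports a vague trigger on the "Intercept any release..." line and a silent write of memory/release-log.md; the rewritten text clears both checks because the trigger is tied to an explicit request and the write is preceded by a warning and a confirmation. A per-line regex cannot see consent language placed in a different paragraph, which is one reason a real scanner reasons over the whole document.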

VirusTotal

64/64 vendors flagged this skill as clean.
