ClawHub

Find Skills

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate skill-discovery helper, but it needs review because it can steer broad requests toward globally installing third-party skills with confirmation suppressed.

Install only if you want an agent helper that recommends and installs other skills. Before running any suggested install command, verify the exact skill source, avoid `-g -y` unless you intentionally want a global auto-confirmed install, and prefer explicit confirmation or a test environment for third-party skills.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill’s trigger guidance includes very broad, common phrases like 'how do I do X' and 'can you do X', which can cause the skill to activate in many ordinary conversations where the user is not actually asking to discover or install skills. In this context, unintended invocation is risky because the skill can steer the agent toward package discovery and installation workflows, increasing the chance of unnecessary command suggestions or supply-chain exposure.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to offer installation using 'npx skills add <owner/repo@skill> -g -y' without warning that '-g' performs a global install and '-y' suppresses confirmation prompts. That combination reduces user visibility and consent for a system-affecting action, and in a package-installation context it amplifies the risk of accidental or unsafe installation from third-party sources.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal