Code Hug

Security checks across malware telemetry and agentic risk

Overview

Code Hug appears to be a legitimate developer workflow skill, but it asks for broad code analysis, local retention, notifications, and automatic repair authority without enough guardrails.

Install only if you are comfortable giving the skill broad visibility into a project and possible authority to change it. Use it on a clean branch or disposable clone, disable auto-fix unless you can review each change, inspect and exclude .code-hug/ from version control if it contains sensitive outputs, and avoid email or other external notifications for confidential code unless you understand exactly what is sent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 96%
Finding
The example states that comprehensive analysis outputs, incremental updates, and audit artifacts are stored under a local `.code-hug/` workspace directory without warning about retention, sensitivity, or access control. Because these artifacts may include source code insights, business rules, security findings, and operational history, silent local persistence can expose sensitive data to other local users, backup systems, or accidental commits.

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill explicitly supports automatic repair and workflow execution over a user-supplied project_root, which can modify source files, configs, tests, or build artifacts. Although it mentions safety checks and rollback, it does not clearly warn users before destructive or file-changing actions, increasing the risk of unintended codebase changes, corruption, or unsafe edits being applied automatically.

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill advertises business-rule extraction, PRD generation, workflow mapping, audit logging, and notification channels including email, all of which may process or transmit sensitive repository contents, architecture details, or business logic. There is no prominent privacy notice, consent flow, or data-handling disclosure, so users may unknowingly expose confidential project information to logs or outbound channels.

VirusTotal

65/65 vendors flagged this skill as clean.