ClawHub

Automation Scripts

Security checks across malware telemetry and agentic risk

Overview

This automation skill is not malware, but it needs review because it promotes scheduled scripts that can publish Git changes, delete old backups, and auto-repair services without clear approval or rollback safeguards.

Install only if you intend to review generated scripts before running or scheduling them. Require explicit confirmation before Git pushes or service repairs, restrict scripts to known paths and repositories, keep retention settings deliberate, and maintain a clear way to disable scheduled jobs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly promotes automatic Git add/commit/push behavior but does not warn that this can modify repository history and transmit local changes to a remote server. In an automation skill, that omission is risky because users may unintentionally publish sensitive files, secrets, or incomplete work when the script runs unattended.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The backup template states that it will automatically clean up old backups and retain only 30 days, but it does not warn that backup data will be permanently deleted. In a backup context, silent retention-based deletion can cause irreversible data loss if users assume backups are indefinite or misconfigure retention settings.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The OpenCode auto-fix script describes detecting failures, diagnosing, automatically repairing, and verifying results without warning that these remediation steps may change system state. Automated repair in an operations context can alter configs, restart services, or apply fixes that create outages or unintended side effects if run without review.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal