ClawHub

business-email-templates

Security checks across malware telemetry and agentic risk

Overview

This appears to be a ClawHub maintainer bundle with disclosed but high-impact admin, GitHub, and sandbox-bypassing review workflows that should be reviewed before installation.

Install only if you are intentionally setting up ClawHub maintainer tooling. Review the moderation and autoreview instructions first, use least-privileged GitHub and ClawHub tokens, avoid running the full-access review helper unless you trust the repository, and keep local dev services stopped when not needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal