Coding with Cursor AI

Security checks across malware telemetry and agentic risk

Overview

This skill delegates user-requested coding work to Cursor AI with full repository access, which is powerful but clearly aligned with its stated purpose.

Install only if you intend to let Cursor AI inspect and modify the selected repository. Use a feature branch, review diffs before commits or pushes, avoid production branches, do not include secrets in task text, and verify the cursor-agent package source and version.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence: 90%
Finding: The usage section is broad enough to route many ordinary development tasks to a highly privileged coding agent without requiring tighter scope, approval gates, or task boundaries. In this context, that increases the chance of unnecessary invocation of an agent that can edit code and commit changes, which can amplify mistakes, unsafe modifications, or misuse across arbitrary repositories.

Missing User Warnings

Medium
Confidence: 95%
Finding: The skill explicitly states it can spawn an agent with full repository access and complete tasks by editing code and committing changes, but it does not present this as a prominent user-facing warning. Users may invoke it without understanding that it can modify many files and create commits automatically, creating a material risk of unintended code changes, destructive edits, or unreviewed commits.

Unpinned Dependencies

Low
Category: Supply Chain
Content: cursor-agent
Confidence: 96%
Finding: cursor-agent

VirusTotal

66/66 vendors flagged this skill as clean.
