ClawHub

Github CLI Complete

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward GitHub CLI command-reference skill, with expected authentication and administrative command guidance but no hidden execution or data collection.

Before installing or using it, verify the GitHub CLI install sources, be careful with sudo package-manager commands, use least-privilege tokens, avoid putting secrets in logs or shell history, and manually confirm any delete, archive, transfer, secret, key, workflow, extension, or raw gh api operation before running it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This section documents authentication, token handling, and secret/variable management commands without strong warnings about sensitive data exposure, token scope minimization, shell history leakage, or the destructive nature of secret updates/deletions. In an agent skill, presenting these operations as routine workflows increases the chance that an automated system or user will handle credentials unsafely or overwrite/delete remote secrets unintentionally.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill enumerates many destructive remote operations such as deleting repos, releases, issues, caches, secrets, variables, keys, and codespaces, but does not consistently warn that these actions can permanently modify or remove GitHub resources. In an automation-oriented skill, omission of safety guidance materially raises the risk of accidental destructive execution against production repositories or organization assets.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal