ClawHub

ia-debugging

Security checks across malware telemetry and agentic risk

Overview

This debugging skill is purpose-aligned and user-directed, but its optional diagnostics report can expose local project metadata if shared carelessly.

Install only if you want an agent to follow a rigorous debugging workflow and run local diagnostic commands. Before sharing any generated diagnostic report, review it for usernames, filesystem paths, repository names, remote URLs, branch names, and commit messages; avoid writing reports into version-controlled locations unless you intend to keep them there.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The guidance explicitly recommends collecting environment variables and optionally writing diagnostics to a file, but provides no warning that environment variables commonly contain secrets such as API keys, tokens, database URLs, and credentials. In a debugging skill, this is especially risky because users may share the generated output in bug reports, CI logs, chat transcripts, or commits, causing unintended secret disclosure.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The script collects potentially sensitive diagnostics such as the current user, working directory, git branch, last commit subject, remote origin URL, installed tools, and selected environment details, then writes them to an arbitrary user-specified path without warning, redaction, or permission hardening. In a debugging skill, users may routinely share or persist this report, which increases the chance of accidental disclosure of internal repository names, infrastructure details, or local filesystem information.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal