backup-optimizer

Security checks across malware telemetry and agentic risk

Overview

This deployment-planning skill appears to encourage bundling credential files into deployment artifacts, which could expose secrets even though there is no evidence of malware or exfiltration.

Review before installing. Do not use this skill unless the credential-packaging rules are removed or changed to explicitly exclude secrets and use secret managers, environment-specific secure stores, or runtime injection. Treat any generated bundle plan as sensitive because it may list secret file paths.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
98% confidence
Finding
The script explicitly classifies files of type 'credentials' together with environment and configuration files and then recommends bundling them for deployment consistency. In practice, this normalizes inclusion of secrets such as .env files, credential files, and service account keys into deployment artifacts, which can cause secret leakage, over-distribution of privileged material, and compromise of downstream systems if the bundle is stored or transferred insecurely.

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The rationale text specifically endorses packaging credential files and service account keys as runtime necessities, which encourages operators or downstream tooling to ship long-lived secrets with application artifacts. That behavior materially increases the blast radius of artifact leakage and can expose cloud accounts, databases, CI/CD systems, or other infrastructure tied to those keys.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill explicitly recommends including credential materials such as .pem, .key, and service-account.json files in deployment packages, and frames this as necessary for consistency. That guidance can cause secrets to be propagated into build artifacts, broader storage locations, CI systems, and downstream environments, significantly increasing the chance of credential leakage and privilege compromise.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script writes a packaging plan that enumerates sensitive file paths, including credential-related artifacts, without warning or safeguards. Even if the plan contains paths rather than file contents, it still discloses the existence and location of high-value secrets and can facilitate accidental inclusion in backup, artifact, or review workflows.

Ssd 3

High
Confidence
99% confidence
Finding
The natural-language packaging rules instruct operators to include secret and credential files in deployment bundles. In the context of a deployment-planning skill, this is especially dangerous because it can normalize insecure handling of highly sensitive materials and lead to secrets being copied into artifacts, logs, backups, or repositories accessible to more systems and users than intended.

VirusTotal

66/66 vendors flagged this skill as clean.
